Archives page

Posts Tagged ‘dickstein shapiro’

Your “Preparedness Plan” for a Government Shutdown

by Strategic Partner Justin A. Chiarodo, Partner and Heather L. Petrovich, Dickstein Shapiro

With Congress quickly approaching a September 30 funding deadline with no adequate spending measures in place, and the Office of Management and Budget now directing agencies to prepare contingency plans, the possibility of a government shutdown is becoming increasingly likely. Unfortunately, government contractors faced these challenges just two short years ago during a 16-day shutdown. Among other challenges, contractors may face a lack of incremental funding; the inability to enter into new contracts or contract modifications; closed government facilities; furloughed government employees; delayed payments; increased indirect costs; and unexercised and deferred contract options. This alert highlights steps government contractors can take to protect their business interests in the event of a shutdown.

Review Your Contracts

Reviewing your contracts is good advice in all times, but particularly so when facing a shutdown. Several key areas are worth reviewing before a shutdown. First, contractors should consider the amount and type of contract funding for each contract. A shutdown will affect incrementally funded contracts more than fully funded contracts. Though exceptions may apply, the funding for incrementally funded contracts may lapse in the event of a shutdown, which could cause the contract work to come to a halt. Fully funded contracts may be impacted by furloughed employees, facility closures, or other unexpected costs. Second, the place of contract performance may affect the ongoing work on a contract if the contractor is performing at a government facility. Many government facilities will close during a shutdown and furloughed employees or limited hours may affect those government facilities that do remain open. Third, the period of contract performance may affect a contract in that the government cannot exercise options and contract extensions during a shutdown. Fourth, the statement of work could also affect how the shutdown applies to a contract. For instance, national security and emergency preparedness contracts are much more likely to be funded during a shutdown than facility maintenance work. Nonetheless, even those exempt contracts may still be affected if the statement of work requires contractors or projects to interact with furloughed employees.

Communicate With Your Contracting Officers

It is important for contractors to seek written guidance from their contracting officers before a shutdown about contract performance during a shutdown. Among other things, contractors should seek guidance on whether facilities will remain open, whether employees should continue working, and whether contract performance should continue. If the contracting officer informs contractors that contract performance should not continue during the shutdown, contractors should insist on a written stop-work order to protect their interests. Further, contractors should request a stop-work order for contracts that remain funded, but cannot be continued during the shutdown due to furloughed employees or closed government facilities. Finally, contractors should contemporaneously inform contracting officers in writing of any expected delays or added expenses to mitigate the potential for future disagreements regarding these expenses or delays.

Prepare Employees and Subcontractors

Contractors should take steps to prepare employees and subcontractors if they determine there is a need to furlough employees or suspend subcontracts during a shutdown. These actions should be coordinated with appropriate legal and HR support. Once an action plan is in place, the contractor should take steps to diminish the effects of a shutdown. To mitigate risk to employees, contractors should consider reassigning idle employees to exempt or unaffected programs or requiring employees to use their accrued paid leave during the shutdown if there is no state law or agreement to the contrary.

Prepare for Lengthy Payment Delays

Contractors should prepare to go without payment from the government for an extended period on their non-exempt contracts. To mitigate the possible effects of the shutdown, contractors should collect any possible government receivables before the shutdown occurs and contact and advise creditors about their situation. Further, contractors should consider methods of stretching cash flow by evaluating cash reserves, considering additional lines of credit, and reallocating non-essential budgetary resources, such as business development or advertising funds.

Make a Record

A shutdown will likely lead to additional expenses or delays. These can occur through extra material and vendor costs, costs associated with ramping up or winding down contracts, unabsorbed overhead, delays from furloughed employees, or intervening contractual actions. Contractors should document these expenses as they occur and memorialize all correspondence with agencies, contracting officers, employees, and subcontractors in writing. Contractors should also record any unavoidable costs or actions taken to mitigate costs during the shutdown in order to validate subsequent requests for equitable adjustment that contractors may submit once the shutdown ends.

Comply With All Normal Deadlines

Unless contractors are explicitly notified in writing otherwise, they should continue to comply with all government-related deadlines. This includes deadlines for solicitations, bid protests, claims, appeals of contracting officers’ final decisions, and any litigation deadlines. Although some deadlines may be tolled during a shutdown, these rules can vary among agencies. The safest way to avoid any missed deadlines is to assume they are not moving. On the flip side of this coin, contractors should also be aware that a shutdown may cause proposals to be awarded far later than expected due to shutdown-related delays.

For Additional Information

To learn more about how we can work with you to address the issues summarized above, please contact GTSC Strategic Partner Justin A. Chiarodo at chiarodoj@dicksteinshapiro.com or (202) 420-2706, Heather L. Petrovich at petrovichh@dicksteinshapiro.com or (202) 420-2693.

Fleshman, Torres Assume Leadership of GTSC Lion’s Den

BETH FLESHMAN, ALION AND GUY TORRES, SALIENT, ASSUME LEADERSHIP OF THE GTSC LION’S DEN

Industry leaders will continue to focus on growth for midtier government contractors

Washington, D.C. June 4 — The Government Technology & Services Coalition today announced that Beth Fleshman, Assistant Vice President, Alion Science & Technology ascended to Chair of the Lion’s Den, a group of GTSC members focused on midtier company growth in the federal market. Guy Torres, Vice President of Strategic Initiatives for Salient Federal Solutions and formerly director of IT contracting for U.S. Customs and Border Protection, joined as Vice-Chair.

“I am excited to lead this distinguished group,” said Fleshman. “I think the Lion’s Den has made a tremendous amount of progress raising awareness about the midtier challenges, and more importantly, has identified some of the paths we believe will lead to more concrete opportunities for midtier government contractors,” said Fleshman at the announcement.

“I worked with GTSC while at CBP and found their priorities, and their rapid progress toward those priorities a great fit for Salient’s objectives for continued growth. I believe that serving as Vice Chair will allow me to guide some of our initiatives and continue to make real progress on the midtier front,” added Torres. “The latest campaign launch — especially the Lion’s Den infographic — is already making an impact.”

GTSC made the leadership change, replacing Brad Cole, Vice President of Agilex, after Accenture’s recent purchase of Agilex. “We are very grateful to Brad for his tremendous leadership — his vision and commitment to the Lion’s Den and to GTSC brought true thought leadership to the midtier challenge. We look forward to continuing our work with him at Accenture,” said Kristina Tanasichuk, CEO of the Coalition.

Fleshman and Torres will participate in their first public discussion of midtier growth June 15 with Porter Goss, former director of the CIA and Senior Advisor at Dickstein Shapiro; Kevin Boshears, OSDBU, DHS; Michael Stabolepszy, Managing Partner & Founder of IntegrityOne Partners; Lindsay Sheehy, Partner at Dickstein Shapiro, and Ryan Hoffman, Director, The Chertoff Group. REGISTER

The Government Technology & Services Coalition is home to the Lion’s Den, a distinguished cadre of mid-sized companies devoted to the homeland and national security market. The group launched GTSC Mid Tier Solution to bring attention to the challenges of midtier government contractors in the federal market. The campaign launched with the first of a series of infographics on the value proposition for government leaders considering and selecting a midtier company. The Lion’s Den is focused on creating and supporting programs, policies and ventures to support the continuum of growth from small to mid-sized through partnership, advocacy and increased business opportunities. For more information, and to join the Lion’s Den, visit www.GTSCoalition.com.

Join the conversation on twitter with #midtier.

###

The Government Technology & Services Coalition (GTSC) is a nonprofit, non-partisan 501(c)(6) association of companies that create,develop and implement solutions for the federal homeland and national security sector. Our vision is to provide an ethical, effective platform for information exchange between the public and private sector on homeland and national security ideas, technologies and innovations. Our mission is to provide exceptional advocacy, capacity building, partnership opportunities and marketing in the Federal security space for small and mid-sized companies and to support and assist our government partners achieve their critical missions with the highest integrity; best and most innovative technologies; and results-based, quality products and services to prevent, protect against, mitigate, respond to and recover from any terrorist attack or natural disaster. For more information on these mentors and the Government Technology & Services Coalition, please visit www.GTSCoalition.com.

DOJ Aggressively Pursuing False Claims Act Violations: States Follow Suit

Over the last decade, False Claims Act (“FCA”) litigation has exploded, and actions asserting new theories of liability are resulting in increasingly large recoveries. Last year the U.S. Department of Justice (DOJ) announced that it had recovered $3.8 billion under the federal FCA in FY 2013. From all appearances FY 2014 promises to be another “banner year for civil fraud recoveries,” and the DOJ has already put up impressive numbers, particularly against pharmaceutical and medical device companies, including a massive $2.2 billion settlement with Johnson & Johnson, as well as settlements with Endo Health Solutions Inc. ($192.7 million), Halifax Hospital Medical Center ($85 million), and Amedisys, Inc. ($150 million).

While the DOJ continues to vigorously pursue FCA cases against companies in the health care and other sectors, cash-strapped states are now following suit. State Attorneys General (AGs) have increasingly pursued novel and creative FCA actions, as have private plaintiffs, who are authorized by qui tam provisions to stand in the shoes of states to sue and receive part of any recovery. A driver of this action was the Deficit Reduction Act (DRA) of 2005, which authorized states to receive, in addition to their own recoveries, 10 percent of the federal government’s share of recovered Medicaid funds if their FCAs are at least as robust as the federal FCA. As a result, since 2005 nearly a dozen states have either enacted false claims statutes or have amended existing statutes to make them equally or more robust than the federal FCA, including incorporating qui tam provisions and broadening the circumstances under which companies can be found liable for violations.

For example, late last year, in response to the DRA, New York state amended its FCA (New York State Finance Law § 187, et seq. (NY FCA)), to bring its false claims law more in line with the federal FCA. The New York statute now includes a “reverse false claims” provision that imposes liability as broadly as the federal FCA, providing that a person may be held liable for violating the NY FCA if that person “[k]nowingly conceals or knowingly and improperly avoids or decreases an obligation to pay or transmit money or property to the state or a local government, or conspires to do the same….” (NY FCA § 189(1)(h)). The New York amendments also allow the state, as intervenor in a qui tam case, to relate back to the qui tam plaintiff’s filing date for statute of limitations purposes, expanding the period for which the state can seek recoveries. In addition, the law provides attorneys’ fees for successful qui tam plaintiffs, incentivizing the plaintiff’s bar to partner with the state or pursue their own cases under the NY FCA.

Recent developments in California also have made California False Claims Act (CFCA) cases more likely. In October of last year, California Governor (and former AG) Jerry Brown signed into law amendments to California’s general whistleblower statute (Cal. Labor Code § 1102.5) extending already existing whistleblower protections to employees who report illegal behavior internally to supervisors or those responsible for compliance. The amendments also imposed liability on any person working on an employer’s behalf who retaliates against an employee who engages in protected whistleblowing activity. In addition, a California appellate court, in San Francisco United School District ex. rel. Contreras v. First Student, Inc., No. A136986, Cal. Court App. (1st Dist. Mar. 11, 2014), recently expanded liability under the CFCA by approving the “implied certification” theory, holding that “a vendor impliedly certifies compliance with express contractual requirements when it bills a public agency for providing goods or services.” As a result, government contractors that do business with the state of California are now exposed to CFCA liability if they knowingly submit an invoice while in breach of a material contract term, whether or not they expressly certified compliance with material contract terms.

California and New York are just two high-profile examples of a national trend. Florida AG Pam Bondi worked with the legislature to significantly amend the Florida FCA last year to expand its scope and provide new subpoena powers and penalties. In Vermont, AG Bill Sorrell worked with several state senators to introduce a new FCA patterned on the federal act, after the state collected more than $23.5 million since 2010 through cooperative work with the DOJ on Medicaid fraud cases.

Because many states are facing substantial budget pressure, FCA activity, in particular Medicaid fraud cases, are likely to substantially increase in 2014 and beyond. In January Texas AG Greg Abbott announced that Hi-Tech Pharmacal Co. will pay $25 million to settle claims that it submitted inflated pricing information for certain prescription drugs from 1995 to 2013. In April Texas settled a state FCA lawsuit against HEB Grocery Co. for $12 million, settling claims that HEB overcharged the Texas Medicaid program for prescription drugs. Florida also reached a $7 million agreement recently with All Children’s Health System to settle allegations that the hospital violated the federal and Florida’s FCA by submitting illegal Medicaid claims.

FCA cases are not limited to health care. New York AG Eric Schneiderman, who as a state legislator sponsored a substantial 2010 expansion of the NY FCA, has pursued a ground-breaking FCA reverse false claims case against Sprint Nextel Corporation for allegedly under-collecting and underpaying more than $100 million in New York state and local sales taxes. In late February a New York appellate court upheld a lower court’s decision denying Sprint’s motion to dismiss the case. FCA cases have also recently been brought against or settled with technology providers and construction firms for providing allegedly defective products and services or inflating their billing, energy companies for underpaying royalties, and mortgage lenders for alleged false applications for HUD-sponsored insurance and federal loan financing.

State FCAs have also become fertile ground for creative plaintiff’s attorneys. Prominent plaintiff’s firms have long cultivated relationships with AGs as they sought to represent the states in civil lawsuits such as the tobacco litigations of the 1990s and more recent consumer protection and public nuisance suits against the pharmaceutical and other industries. Plaintiff’s lawyers have also taken notice of the potential for large automatic recoveries in qui tam suits. 647 federal qui tam suits were filed by private plaintiffs in 2012 alone, compared to only 30 in 1987. This upward trend is likely to continue as plaintiffs increasingly assert multiple state FCA claims alongside federal claims and attempt to work alongside AGs in pursuing such cases.

There are steps companies can take to reduce their potential exposure to FCA actions brought by the federal government, AGs, and/or qui tam plaintiffs. Any company that provides goods or services to the government, or even subcontracts to do so, should do the following:

(1) Create and update its compliance program to ensure current compliance with all applicable legal requirements and to flag potential problems early before they give rise to an FCA claim.

(2) Establish appropriate and continuous training programs that inform employees of key legal obligations, and encourage employees to bring problems to the attention of supervisors and compliance officers.

(3) Periodically audit business activities to ensure those activities conform to the company’s compliance program by conducting interviews, surveying employees, and providing employees with opportunities to provide feedback regarding potential wrongdoing.

(4) Fully and seriously investigate all allegations of impropriety, no matter how unlikely, and regardless of the whistleblower’s credibility or motivations.

(5) Carefully consider the ramifications of strategies that impact taxes or royalties remitted to the government and whether such plans might become the basis for reverse FCA claims.

More broadly, companies involved in supplying goods or services paid for by the government should familiarize themselves with, and even develop relationships with the DOJ authorities and AGs who are authorized to bring FCA cases or oversee qui tam litigations. Given the increasingly innovative ways FCA claims are asserted, companies cannot risk hiding their heads in the sand regarding their potential exposure. Knowing the government authorities responsible for such cases can provide critical insight to understanding their priorities, their complex relationships with qui tam plaintiffs, and the future directions and likely developments in this increasingly important area of the law.

Contributing Authors:

Merle DeLancey primarily represents healthcare clients involved in a broad spectrum of government contracting issues and litigation. He also formulates strategies for expanding contracting opportunities using the General Services Administration (GSA) and Department of Veterans Affairs (DVA), Federal Supply Schedules (FSS), and other government-wide acquisition and indefinite delivery, indefinite quantity contract vehicles. Merle also has substantial experience in complex, multidistrict litigation in federal district courts throughout the United States.

Bernard Nash joined Dickstein Shapiro in 1988 and leads the firm’s State Attorneys General Practice, where he represents clients in complex state and federal legal and legislative matters. Bernie’s work typically involves cases of first impression, matters having public policy implications and/or a governmental interest, and complex litigation. He routinely counsels major private sector clients on a wide range of matters involving State Attorneys General and also has represented states in significant policy disputes. According to Chambers USA: America’s Leading Lawyers for Business, Bernie is “the leading practitioner in the country” who has “cornered the market” in representing clients before State Attorneys General and is known as “the godfather of State Attorney General work.”

Andrew Smith is an associate in Dickstein Shapiro’s Government Contracts Practice. Andrew focuses on complex civil litigation matters relating to antitrust, unfair trade, mass torts, product liability, and general commercial law. He also has represented and counseled clients in government investigations and government contract matters, including False Claims Act investigations and litigation, and claims and bid protests before the U.S. Government Accountability Office. Additionally, Andrew has been actively involved in providing pro bono legal research assistance to the American Antitrust Institute.

Christopher Allen joined Dickstein Shapiro in 2007. Chris is an associate in the State Attorneys General Practice. He represents clients primarily in connection with state government investigations and complex public policy issues, including outreach, negotiations, and litigations involving consumer protection, pharmaceutical products, data breach, information security compliance, antitrust, and environmental issues.

GTSC Submits Comments on GSA-DOD Cybersecurity & Resilience

GTSC working in collaboration with Brian Finch, of Strategic Partner Dickstein Shapiro and GTSC members Robert V. Jones, CEO of PReSafe Technologies, Larry Grant, CEO, EnProVera and Gary Daemer and Mark Dale, InfusionPoints submitted comments to the Joint Working Group on Improving Cybersecurity and Resilience Through Acquisition. GTSC’s comments focused on clear and achievable cyber requirements that will not provide a competitive disadvantage for small and mid-sized companies. Additionally, GTSC highlighted that an “LPTA” environment is not conducive to robust cybersecurity and that procurements that seek best value are more appropriate. Please email us if you’d like a copy of our comments.

Comments on DOD-GSA Cyber Resilience Rules Needed!

On Wednesday, March 12, 2014, the Department of Defense (DOD) and General Services Administration (GSA) Joint Working Group on Improving Cybersecurity and Resilience Through Acquisition (Working Group) requested public comments on its draft implementation plan (draft plan) for federal cybersecurity acquisition. See 79 Fed. Reg. 14042 (Mar. 12, 2014). The draft plan is the first of several steps toward implementing the recommendations outlined in the Working Group’s recently finalized report on Improving Cybersecurity and Resilience Through Acquisition (see our previous blog post for a summary).

As comments are due on April 28, 2014, federal contractors and other stakeholders should act quickly to submit their views on what will have a significant and lasting impact on federal cybersecurity acquisition practices.

The draft plan proposes a repeatable, scalable, and flexible framework for addressing cyber risk in federal acquisitions, and by design, it will affect nearly all contracting entities. The draft plan proposes a “taxonomy” for categorizing procurements so that the government can effectively prioritize those in need of additional resources, attention, and safeguards. As proposed, the taxonomy is modeled on Federal Information and Communications Technology (ICT) acquisitions—though the Working Group has asked whether this framework is a workable model for the categorization of all acquisitions. The Working Group would use the ICT framework to categorize all acquisitions that present cyber risk, after which it would separately assess the risks within each category. Categories that present greater cybersecurity risk (based on threats, vulnerabilities, and impacts) would receive more and faster attention in acquisitions. The taxonomy is, in our view, the most significant new development in the draft plan, as it will serve as the principal basis for categorizing the extent of cyber regulations for procurements. This aspect of the plan accordingly warrants particularly close attention.

The Working Group seeks comments in many areas, including whether:

(a) the approach is workable;

(b) the process will obtain sufficient stakeholder input;

(d) the approach will satisfy the goals of Recommendation IV of the final report, i.e., whether it creates a repeatable, scalable, and flexible framework for addressing cyber risk in federal acquisitions;

(e) the major tasks and sub-tasks are appropriate and, if implemented, will achieve the identified outputs/completion criteria;

(f) the taxonomy and category definitions can be used to develop overlays (a fully specified set of security requirements and supplemental guidance that allow for the specific tailoring of security requirements;

(g) factors can be developed to assess each measure of cybersecurity risk (i.e., threat, vulnerability and impact);

(h) other aspects (e.g., annual spending) should be considered in category prioritization; and

(i) in addition to information security controls derived from the cybersecurity framework and other relevant NIST guidance and international standards, other procedural or technical safeguards that address business cyber risk should be included (e.g., source selection and pricing methodology, source selection evaluation criteria minimum weighting and evaluation methodology, etc).

Submit comments here or contact GTSC to provide input to the Coalition’s response.

Brian Finch, a partner in Dickstein Shapiro’s Washington, DC office, is head of the firm’s Global Security Practice. Named by Washingtonian magazine in 2011 as one of the top 40 federal lobbyists under the age of 40, Brian is a recognized authority on global security matters who counsels clients on regulatory and government affairs issues involving the Department of Homeland Security, Congress, the Department of Defense, and other federal agencies. Dickstein Shapiro is a Strategic Partner of the Government Technology & Services Coalition. You can reach Brian at finch@dicksteinshapiro.com (202)420-4823.

Justin Chiarodo represents clients in all aspects of federal, state, and local procurement law. Named by Law360 in 2013 as a “Rising Star” in Government Contracts, Justin has extensive experience in government contracts litigation, compliance, and regulatory matters, with particular expertise in the defense, health care, technology, and professional services sectors.

Daniel Broderick is a Washington, DC-based associate in Dickstein Shapiro’s Energy Practice. He focuses on regulatory and project development matters affecting clients in the electricity industry, including electric market design, municipalization, compliance, certification, and power purchase agreements.

GTSC Recognizes Leaders in Homeland & National Security Community: U.S. Immigration & Customs Enforcement, Chertoff Group, Dickstein Shapiro, PReSafe Technologies, StrikeForce Consulting, TASC, Inc. recognized

Washington, D.C., February 6, –The Government Technology & Services Coalition (GTSC), the premier organization for small and mid-sized companies in homeland and national security yesterday recognized numerous public and private sector leaders and innovators in homeland and national security at its Annual Awards.

John Morton, former director, U.S. Immigration & Customs Enforcement and John Fantini Porter, Chief of Staff, Management & Administration, were awarded Federal Small Business Champions of the Year; Chad Sweet, co-founder and CEO of the Chertoff Group received the Market Maven award; Robert V. Jones, CEO, PreSafe Technologies for Small Business Member of the Year; Brian Finch, Dickstein Shapiro for Strategic Partner of the Year; Bill Carroll, Managing Partner StrikeForce Consulting, Strategic Advisor of the Year and TASC Inc. for Mentor of the year. Read the release.

Dec. 10: GTSC Holiday Awards

Join the Government Technology & Services Coalition for an extraordinary celebration of a great year and a toast to a new and prosperous 2014 at our Annual Awards Celebration! We’re thrilled to feature our Italian Feast dinner buffet in addition to holiday libations, great company and a fun evening to ring in the holidays.

The 2013 GTSC Holiday Awards honors:

Federal Small Business Champions of the Year Award: John Morton, former Director, U.S. Immigration and Customs Enforcement & Jonathan Porter, Chief of Staff, U.S. Immigration and Customs Enforcement

Federal Small Business Champion of the Year is awarded annually to the Federal official(s) who show a distinct commitment and tangible results toward improving the environment and success for small businesses in the Federal homeland and national security market.

Market Maven of the Year Award: Chad C. Sweet, Co-Founder & CEO, The Chertoff Group

Normally presented at the GTSC Anniversary, 2013 year’s Market Maven of the Year Award will be presented at the holiday party. It is presented to an exceptional individual who contributes in a concrete and tangible way to the efficiency, productivity and effectiveness of the homeland and national security market. Proven as a thought leader with a belief in increasing individual opportunity, the power of free enterprise and the nurture of innovation to advance and support the homeland and national security mission.

Strategic Partner of the Year Award: Brian E. Finch, Partner, Global Security Practice, Dickstein Shapiro LLP

The Strategic Partner of the Year is awarded annually to the Strategic Partner that demonstrates a clear commitment to GTSC, contributes significantly to the content and substance of the organization and provides GTSC members with counsel, insight and resources to perform exceptionally on behalf of the homeland and national security mission.

Strategic Advisor of the Year Award: Bill Carroll, Senior Partner, Strike Force Consulting

The Strategic Advisor of the Year is awarded annually to the Strategic Advisor who works on behalf of GTSC to increase our capacity, membership and opportunities to bring the innovation, creativity and solutions of small and mid-sized companies to the homeland and national security mission.

Small Business Member of the Year Award: PReSafe Technologies LLC

The award is presented annually to the GTSC Member that exemplifies exceptional quality and ethics for the Federal government, a commitment to GTSC’s small business members and advocacy on behalf of our community.

Mentor of the Year Award: TASC & Mike Kelly, Vice President, Business Development, Civil and Infrastructure Security Group, TASC

Mentor of the Year is awarded annually to the GTSC Mentor who has worked to increase members’ understanding of the homeland and national security market, increased business opportunities for small companies through formal and informal mentoring and engages with GTSC to promote an innovative, robust, fair market for all.

About the Border Patrol Foundation

The Border Patrol Foundation provides resources to the families of the fallen and creates awareness of the escalating risk of those who keep America’s borders safe. These services create a financial bridge through the turbulent time following a family’s loss. The Foundation supports programs improving awareness of United States border security and recognizes community leaders supporting the families of the U.S. Border Patrol. The Foundation’s volunteers have served with the U.S. Border Patrol or are professionals, friends and family committed to the importance of securing America’s borders and dedicate their lives to the same.

Thank You to our Sponsors!

Gold Sponsors

Silver Sponsors

Thank you to Old Dominion Strategies!

Support and sponsorships of our holiday event are welcome — please contact us to help make this our best event ever!

Parking & Public Transportation

Parking: There is some on-site and two-hour metered street parking. Parking is also available at GMU.

Metrorail: The Arlington Arts Center is one block south of the Virginia Square-GMU metro station on the Orange line.

Metrobus: Line 24P and ART Line 41 stop directly in front of the AAC.

Oct. 23: Cyber Security: Focus on Public Private Sector Collaboration

Join GTSC and the InfraGard National Capital Region Members Alliance for a cyber program focused on the threats to the public and private sector. gram. Since Executive Order 13636 and PPD-21 were issued in February 2013, there has been a renewed focus on the challenges of security the nation’s digital infrastructure. Most admit and understand that our cyber security relies on a strong and vital collaboration between industry and government — whether that be the industry protecting our critical infrastructure or industry that provides the underpinning of our economy. Legislators on Capitol Hill are trying to determine how to streamline authorities and responsibilities and law enforcement and other agencies in the Federal government are grappling with preventing and mitigating the impacts of this threat. This session will discuss DHS’ role in cyber security, how the private sector and Federal partners are communicating, what threats are at the forefront from cyber hackers, hostile nation states etc. and how we see future collaboration improving to fight these threats and protect our economy and infrastructure.

AGENDA AT A GLANCE

8:00 AM Registration & Breakfast

8:30 AM Conference Introduction

8:45 AM Keynote: The Challenges of Cyber Security

9:30 AM How do we share information more effectively?

10:30 AM What are the latest threats?

11:30 AM Lunch on your own in the National Geographic Society Cafeteria

12:30 PM Keynote: Cyber Security Priorities from the DHS Perspective

1:15 PM Where is the Government Targeting their Resources?

2:00 PM What the Private Sector Do?

2:45 PM Closing Remarks

Confirmed Speakers:

Keynote: Dr. Phyllis Schneck, Deputy Under Secretary for Cyber Security, NPPD, DHS

Dr. Phyllis Schneck, McAfee’s former CTO and vice president of the global public sector, has been named deputy under secretary of cyber security for the National Protection and Programs Directorate at DHS. Join us to hear her priorities for cyber at NPPD!

Denise Anderson, National Council of Information Sharing and Analysis Centers (ISACs); Vice President, Financial Services-ISAC

Noel Due, Supervisory Special Agent, FBI – HQ, Cyber Division, Operation Clean Slate

Brian Finch, Partner, Global Security, Dickstein Shapiro LLP

John Harmon, Partner, Tactical Network Solutions

John Lainhart, CGEIT, CISA, CISM, CRISC, CIPP/G, CIPP/US Partner, Cybersecurity & Privacy, US Public Sector, IBM Global Business Services

James Mulvenon, Vice President, Defense Group Inc., Center for Intelligence Research and Analysis

Vipul Sharma, Vice President & CTO, Civil Government & Healthcare IT solutions, L-3 STRATIS

Trent Teyema, Assistant Special Agent in Charge, FBI WFO, Criminal Division – Cyber Branch

Glenn Wood, Vice President, Technology, InfraGard Board & Co-Chair, Cyber SIG

About the InfraGard National Capital Region Members Alliance

The InfraGard National Capital Region Members Alliance (INCRMA) consists of a growing membership of professionals who are creating a more resilient critical infrastructure in the Washington, DC metro area. These include defense industrial base, information technology, water supply systems, electrical energy, emergency services, law enforcement, health systems, transportation, banking, and telecommunications. Our membership is voluntary yet exclusive and is comprised of individuals from both the public and private sector. The main goal of INCRMA is to promote ongoing communication, education, and community outreach between the public and private sectors and the FBI. In doing so, information is shared, relationships are strengthened, and vital assets are protected. To learn more, visit us at www.infragard.org.

Ten Cyber Issues Board and Chief Legal Officers Need to Know (and Worry) About

Boards of Directors have several fiduciary duties to uphold. Meeting such duties requires addressing cybersecurity and data loss. While this rapidly evolving area has its own unique challenges, boards, as well as the legal officers who advise them, face the same question about how to address cybersecurity, data loss, and data theft as they do any other critical ssue-are they acting prudently, reasonably, and responsibly? More and more boards are now asking themselves, and the legal counsel who advise them, these questions and placing cybersecurity and data theft risks at a higher level of priority than even physical disasters. The factors highlight 10 areas boards and their legal advisors should consider before their companies are faced with a real-world cyber threat.

1. The stakes to share value and the bottom line are high. Cybersecurity and data theft may sound like abstract concepts, but they have impacts-including financial ones-in the real world. It’s been estimated that the global cost of cyberattacks in 2011 was $388 billion in direct financial loss and the cost of recovering from the attacks. Losses can take the form of stolen intellectual property or trade secrets, data destruction, disruption of critical systems, or even damage to physical assets. They also can include the exposure of customer and employee personal information. Any of these scenarios can result in material losses impacting a company’s reputation, bottom line, and share price.

2. The hackers are two steps ahead of you already. While today’s headlines are focused on standard types of data breaches and hacking activity-viruses, malware, physical break-ins, etc.-the next generation of threats, such as heretofore unforeseen attacks (so-called “zero day attacks”), has yet to make it into the public consciousness, but directors and their advisors have to be aware of them. The constantly mutating tactics cyber criminals employ will pose a serious challenge to any company that uses electronic systems. This means boards and their advisors, including GCs, will need to focus their attention on risk mitigation in this area for decades to come.

3. Cyber and data loss threats pose merger risks. Acquiring companies may be subject to significant losses and boards may be exposed to shareholder suits should adequate cybersecurity and other data protection measures not be taken in the context of corporate M&A activity. If a company acquires a target with a malware-infested IT system without appropriate due diligence to avoid that outcome, there is a potential for a wide range of liabilities. Cybersecurity and other data protection methods should be added to the long roster of criteria a board and its legal and business advisors use when evaluating a potential acquisition and acquisition documents should contemplate and provide for appropriate representations, warranties, and indemnities related to cyber thefts and attacks.

4. Lost or stolen intellectual property or customer or employee information can turn a deal from sweet to sour. Imagine your company acquires a target for hundreds of millions of dollars. Then their systems are hacked and the blueprints for the widget that made the company attractive are stolen. Knockoffs flood the market and the company’s value evaporates. Or imagine your company is about to launch a new software program, but it is swiped from your servers days before launch. Similar issues may arise if sensitive customer or employee data is exposed. Among the many questions that will be asked – by many, including investors, business partners and regulators – in the aftermath, is whether or not the board and its legal advisors acted with reasonable care to prevent such incidents.

5. There is a maze of state and federal data protection and data loss notification requirements to navigate.With State Attorneys General and an assortment of federal agencies, including the Federal Trade Commission, having a hand in data protection, breach notification, and disclosure requirements, companies should have plans in place for how to respond in a timely fashion should a breach occur (and, of course, be well-versed on its legal compliance obligations beforehand). The myriad disclosure and notification requirements and cybersecurity obligations will only grow and enforcement activity is likely only to increase, so it is incumbent on companies and their counsel to stay abreast of these developments.

6. The failure to be fully informed of and proactive against cybersecurity and data loss risks could lead to litigation. Companies, directors, and corporate managers could be exposed to litigation risks and potential liability for compromised data, systems, and infrastructure resulting from a cyberattack or data loss. Such claims could include third-party claims for breach of contract, breach of warranty, and/or statutory or common law legal requirements under both state or federal law; claims by state and federal regulators for failure to comply with specific data protection and cybersecurity laws (as well as more general unfair and deceptive trade practice-type laws), shareholder claims for breaches of fiduciary duty in failing to take appropriate steps to protect the company’s assets, and business from cyber theft or other cyberattacks; and for publicly traded companies, investor securities law claims and SEC actions for failing to adequately disclose cyber risks.

7. If the breach doesn’t get you, the litigation will. Even in those instances where a company or its directors are successful in defending a claim following a cyberattack or data loss, such litigation is likely to be expensive and a time-consuming distraction for management and the board. Beyond this, the cyberattack and the resultant attention from related legal proceedings could result in serious reputational harm.

8. There are federal programs available to help mitigate corporate liability through the SAFETY Act. Companies can gain valuable protections offered through an advanced approach to the Support Anti-Terrorism by Fostering Effective Technologies Act of 2002 (known as the SAFETY Act). This law provides tort liability protections for products and services that can be used to detect, defend
against, or respond to cyberattacks. It is essential that boards and their legal advisors be aware of
these programs and assess their applicability to cybersecurity products and services they either
procure or deploy on their own.

9. Insurance coverage is available through traditional or tailored policies. The demand for cybersecurity/data loss-specific coverage is incredibly high, placing pressure on availability, though some forms of traditional-and widely available-coverage such as Commercial General Liability may provide coverage for some types of claims. However, insurers are quickly working exclusions into these kinds of policies. Working with experienced coverage counsel can ensure the right kinds and amounts of coverage are in place.

10. Outside counsel comes with the benefit of attorney-client privilege.While there are armies of consultants at the ready to advise companies should a cyber or data loss incident occur, only legal counsel can offer the shield of attorney-client privilege, thereby ensuring that sensitive information about investigations cannot be used in litigation. Having your cybersecurity/data privacy attorney on speed dial is a good idea.

Is liability inevitable or can steps be taken to mitigate or eliminate it?
Cybersecurity and data loss liability and litigation is in a similar stage as environmental law in the
1970s: there has been a broad awakening that liabilities exist-and that they may be vast.
Companies have no choice but to assess their exposure and plan accordingly. That means in
today’s technology, dependent of business environment, it has become imperative that boards (or
their equivalents) and their business and legal advisors devote appropriate attention to
cybersecurity issues as a matter of good corporate practice and appropriate risk management.

This could mean causing management to (i) undertake a thorough cyber/data loss risk assessment
that includes both company-specific risks and risks to critical third parties that would adversely
impact the company, and (ii) identify and implement best practices relevant to the company’s cyber
and data loss risks.

Most importantly, boards and their senior management, including GCs, have to be aware of the
threats and have management take measures to mitigate them. Failure to do so could easily lead to
losses and liability.

By Divonne Smoyer, Brian E. Finch, & Emanuel Faust

Questions? Ask GTSC’s Strategic Advisor!

Brian Finch

Partner, Dickstein Shapiro LLP

finchb@dicksteinshapiro.com
(202) 420-4823

DISCLAIMER

The GTSC Legal Limits Brief is made available by GTSC for educational purposes only as well as to provide you with general informaiton and a general understanding of the law and legal changes that may impact your business, not to provide specific legal advice. No attorney client relationship is established with GTSC or our legal strategic partners by reading this brief. This information shold not be used as a substitute for competent legal advice from a licensed professional or attorney. Copyright © 2013. All Rights Reserved.