Washington, District of Columbia, United States
Contact Info
8K followers
500+ connections
About
Articles by Robert
-
OIRA Approves Cyber Information Collection: Is This CMMC?
OIRA Approves Cyber Information Collection: Is This CMMC?
By Robert Metzger
-
Responding to the FCA Threat of Cyber Liability - Initial Thoughts
Responding to the FCA Threat of Cyber Liability - Initial Thoughts
By Robert Metzger
Contributions
Activity
-
This week's indictment of a North Korean military agent for ransomware attacks against US hospitals and theft of information from the US government…
This week's indictment of a North Korean military agent for ransomware attacks against US hospitals and theft of information from the US government…
Liked by Robert Metzger
-
Thrilled with the review of my novel "The Restless Wave" (which comes out Oct 8.) Publisher's Weekly says: "This well-told tale is worthy of The…
Thrilled with the review of my novel "The Restless Wave" (which comes out Oct 8.) Publisher's Weekly says: "This well-told tale is worthy of The…
Liked by Robert Metzger
-
Friends and Colleagues - It’s an honor to be considered for the CyberScoop 50 Awards! Thanks for voting!
Friends and Colleagues - It’s an honor to be considered for the CyberScoop 50 Awards! Thanks for voting!
Liked by Robert Metzger
Experience & Education
Publications
-
A Plan for National Cyber Hardening and Resilience
RealClearDefense
We urge Congress to establish and fund a National Cyber Hardening and Resilience Program, with three central purposes: hree central purposes: (1) provide significant new funding to accomplish the objectives of Presidential Executive Order (EO) 14028 to move to the cloud, adopt zero trust architecture, and assure software security; (2) provide significant new funding to harden the sixteen critical infrastructure sectors; and (3) establish a Cyber Safety Fund to provide low-interest, potentially…
We urge Congress to establish and fund a National Cyber Hardening and Resilience Program, with three central purposes: hree central purposes: (1) provide significant new funding to accomplish the objectives of Presidential Executive Order (EO) 14028 to move to the cloud, adopt zero trust architecture, and assure software security; (2) provide significant new funding to harden the sixteen critical infrastructure sectors; and (3) establish a Cyber Safety Fund to provide low-interest, potentially forgivable loans to industry, giving preference to small- and medium-sized enterprises to bolster cyber hardening and resilience immediately.
-
DOD's New Cyber Rules May Spur Contract Disputes
Law360
DoD's new cyber rules require defense contractors to self-assess against cyber requirements and report their scores and planned date of full compliance. Soon to come will be "CMMC" which mandates cyber certification as a precondition to eligibility for award. These new initiatives are new sources for claims and disputes.
Other authorsSee publication -
What's Next For Cybersecurity Maturity Model Certification
Law360
Suppliers to the Department of Defense now are subject to an Interim Rule that increases security demands and launches the Cybersecurity Maturity Model Certification (CMMC) initiative. This article explores how DoD will respond to industry Comments to the Interim Rule and what to expect from the incoming Biden Administration.
Other authorsSee publication -
Supply Chain Intelligence for a Dangerous New World
The National Interest
Published just as the nation learned of the "SolarWinds" attack, this article anticipates cyber attacks delivered through the supply chain and warns specifically that hackers may attempt to "trick unsuspecting software developers into doing the work for them, by incorporating hidden code into target applications and environments. We urge formation of a "National Supply Chain Intelligence Center" to better acquire, accumulate, assess and act upon supply chain threat intelligence.
Other authorsSee publication -
What DOD’s Use Of Cyber Scores May Mean For Contractors
Law360
DoD's new cyber Interim Rule e will require 20,000-plus companies to report a self-assessment of
their cyber compliance to the DOD. This article explores how DoD contracting officers will use the self-assessment scores in the supplier risk assessment that is part of contractor responsibility determinations.Other authorsSee publication -
DOD Contractor Cybersecurity Rule Brings New FCA Risks,
Law360
DoD's new cyber Interim Rule requires organizations to submit self-assessment scores of their compliance with NIST cyber controls. This creates risks under the False Claims Act which should be recognized and managed.
Other authorsSee publication -
Cyber Safety in the Era of Cyber Warfare
The SciTech Lawyer, American Bar Association
Cyber has been rising for years in public consciousness. Recent events place us on the brink of a new era where nation-states execute open and attributable cyber attacks targeting homeland infrastructure and the fabric of our electronically enabled society. In such an era, public safety may come to dominate how security professionals address cyber security.
-
Cybersecurity Enforcement Shouldn't Be Left To FCA Relators
Law360
A recent decision of a U.S. District Court allows an action to proceed, under the False Claims Act, where a qui tam "relator" alleges a contractor knowingly misled the government about its cyber security. We examine the background, review the decision, and offer an assessment of issues presented to contractors as well as government officials.
Other authorsSee publication -
PRIVACY AND CUI: TODAY’S FEDERAL EFFORTS ARE NOT ADEQUATE TO RESPECT CITIZEN INTERESTS
TheSciTech Lawyer, American Bar Association
Federal protection of privacy interests is insufficient. Legacy categories of protected information fail to recognize many forms of data and new methods of collection and exploitation that expose individuals to data abuse, misuse or insecure protection. Security is a component of privacy but respect for privacy demands new policies and new laws to better balance corporate interests in data monetization and regard for individual rights and respect for personal choice.
-
Inside California's New Approach To Innovation Procurement
Law360
California is following the federal lead to use new acquisition methods to improve access to innovation and accelerate demonstration and deployment of new technologies. This article explores the State's "Innovation Procurement Sprint" initiative and draws parallels to federal experience with "Other Transaction Agreements."
Other authorsSee publication -
Deliver Uncompromised: A Strategy for Supply Chain Security and Resilience in Response to the Changing Character of War
The MITRE Corporation
This report that makes recommendations on how the U.S. government and private sector can address growing asymmetric threats like counterfeit parts that pass ordinary inspection but fail operationally and malware that exploits latent vulnerabilities in firmware or software and threaten unintended or unexpected physical results. The report's recommendations will likely require a government-wide approach spanning legislation and regulation, policy and administration, acquisition and oversight…
This report that makes recommendations on how the U.S. government and private sector can address growing asymmetric threats like counterfeit parts that pass ordinary inspection but fail operationally and malware that exploits latent vulnerabilities in firmware or software and threaten unintended or unexpected physical results. The report's recommendations will likely require a government-wide approach spanning legislation and regulation, policy and administration, acquisition and oversight, and programs and technology.
Other authorsSee publication -
Cybersecurity for Defense Manufacturing: New Threats Demand Heightened Response
Bloomberg BNA Government: Federal Contracts Report
New threats to defense manufacturing require realism and action. This article offers specific recommendations for DoD and the defense industrial base.
-
Incident Reporting Key to New Cybersecurity Rule
National Defense Magazine
The "cyber DFARS" requires both safeguarding of Covered Defense Information and incident reporting after a cyber event. This article examines the importance of incident reporting, how DoD uses reports for damage assessment, and recommends means for contractors to satisfy this important obligation.
-
Navigating Defense Department Cyber Rules
NDIA National Defense
This is a short, focuses article looks at the most important issues in interpretation and application of the Pentagon’s cyber security contracting rules
-
Federal Actions to Enable Contractors to Protect ‘Covered Defense Information’ and ‘Controlled Unclassified Information
IT Alliance for Public Sector (ITAPS) (White Paper)
-
Cyber Protection of CDI: Changed Requirements, New Methods, More Questions
Bloomberg BNA Federal Contracts Report
Compliance with the 'Network Penetration' DFARS (and NIST SP 800-171) is due by 12/31/2017. This article looks at key implementation issues and makes recommendations to both government and industry in five areas: Designation (who determines what is CDI?); Scope (does CDI include non-federal information?); Methods (what is permissible use of cloud services); Adoption (how can the DIB and DoD help small business), and Compliance (what is sufficient to demonstrate 'adequate security').
-
JEDEC's New JESD243: Is it an Industry Standard for Counterfeit Electronic Parts - or Something Less?
Circuit Assembly Online Magazine
Mark Northrup of IEC and I take on the new microelectronic parts standard, JESD243, and consider its sufficiency in light of August 2016 changes to the DFARS regulations that obligate defense suppliers to have systems to detect and avoid counterfeit electronic parts. We offer insights into where JESD243 could be improved to better assist industry in the effort to mitigate risk of counterfeit electronics.
Other authorsSee publication -
Changes to Counterfeit Parts Regulations Merit Review, Revision to Industry Practices
Bloomberg BNA Federal Contracts Report
DoD has made major changes to regulations that obligate defense suppliers to avoid and detect counterfeit electronic parts. This article closely examines the revised rules, focusing on new categories of permitted sources (including "contractor-approved suppliers"), changed demands on traceability, increased emphasis on inspection, testing and authentication, and relaxed rules on allowable costs in the event of a counterfeit part "escape."
-
"Security as a Service" -- Incorporating NIST 800-171 Requirements into the Defense Supply Chain
Exostar & Rogers Joseph O'Donnell, PC
Federal initiatives to protect "Covered Defense Information" (CDI) and "Controlled Unclassified Information" (CUI) have focused on the "on-premises" information systems of government contractors. In this White Paper, I advocate recognition of cloud-based "Security as a Service" as superior to premises measures for many defense suppliers and other federal contractors. I contend that better cyber security results will be achieved through cloud-delivered solutions and I recommend specific…
Federal initiatives to protect "Covered Defense Information" (CDI) and "Controlled Unclassified Information" (CUI) have focused on the "on-premises" information systems of government contractors. In this White Paper, I advocate recognition of cloud-based "Security as a Service" as superior to premises measures for many defense suppliers and other federal contractors. I contend that better cyber security results will be achieved through cloud-delivered solutions and I recommend specific measures for the federal government to enable this outcome.
-
BNA INSIGHTS: NIST Proposes Requirements for System Security Plans
Bloomberg BNA Federal Contracts Report
This article focuses on proposed revisions to NIST SP 800-171 that will affect government contractors and other entities entrusted with Controlled Unclassified Information (CUI). If adopted, the revision would require preparation of a System Security Plan and Plan of Action and Milestones (POAM) that a government contracting officer can request to demonstrate the nonfederal orga-nization’s implementation or planned implementation of the CUI safeguarding requirement.s
-
JEDEC’s New JESD243: A New Standard That Is Less Than IndustryNeeds to Avoid Counterfeit Electronic Parts
Bloomberg BNA Federal Contracts Report
Increasingly, government and industry rely upon standards and best practices to improve supply chain security. A new standard on counterfeit electronic parts, JESD 243, does little to help organizations who need out-of-production parts to sustain equipment. My article points to gaps in this standard and suggests ways it can be improved.
-
Twists and Turns – DoD Backs Away from the ‘Network Penetration’ DFARS. Or Does It?
Bloomberg BNA Federal Contracts Report
DoD on Dec. 30 revised the 'Network Penetration' DFARS to postpone the obligation of defense contractors to protect sensitive but unclassified information using the new NIST SP 800-171 safeguards. In this article, I break down the changes to the Rule, consider the reasons explaining the changes, offer recommendations to industry and suggestions for how DoD can further clarify and improve this important rule.
-
Learning to Live with the 'Network Penetration' DFARS
Bloomberg BNA Federal Contracts Report
DoD's 'Network Penetration' DFARS requires defense contractors (and their subcontractors) to protect four categories of "covered defense information." This article examines six key implementation issues and offers recommendations for improvements to the rule as well as practical advice to contractors.
-
Improving Cyber and Supply Chain Security in GSA Schedule Contracting
Bloomberg BNA Federal Contracts Report
More than 5,000 companies offer IT supplies and services off GSA's Federal Supply Schedule 70 (Information Technology Equipment), which accounts for $14 billion in sales annually. Billions more are spent for IT purposes on other FSS Schedules and on GWACS vehicles such as ALLIANT. Many federal agencies, and other eligible purchasers such as state and local governments, rely upon GSA purchasing vehicles for much of their needs for IT equipment, solutions and services. DoD is among if not the…
More than 5,000 companies offer IT supplies and services off GSA's Federal Supply Schedule 70 (Information Technology Equipment), which accounts for $14 billion in sales annually. Billions more are spent for IT purposes on other FSS Schedules and on GWACS vehicles such as ALLIANT. Many federal agencies, and other eligible purchasers such as state and local governments, rely upon GSA purchasing vehicles for much of their needs for IT equipment, solutions and services. DoD is among if not the largest of users of GSA purchasing vehicles. Yet, today, GSA MAS vehicles contain no generally applicable requirements to address cybersecurity or supply chain security. My new article which concludes that there are important national interests to be served to elevating the protection against cyber and supply chain risks in GSA schedule purchases.
There is vast diversity to the base of commercial and specialist companies who sell using GSA purchasing vehicles. Equally true, the purposes for which agencies and other eligible buyers purchase IT off the Schedules is enormously varied. Cyber or supply chain risks are hardly common among such a range and scale of purchases - so a "monolithic" approach to improving security is impossible. My article acknowledges this challenge. I analyze key considerations for GSA as well as for contractors, and offer recommendations on how to develop measures and on strategies that might succeed. -
Legal Corner: Avoiding Counterfeit Electronic Parts: How DoD’s Proposed Rule May Affect You
The Coalition for Government Procurement Friday Flash
DoD has proposed changes to the Counterfeit Parts DFARS that will apply to small businesses, COTS and commercial suppliers. I've written this article to help affected companies understand what DoD is trying to achieve and how they can be compliant and remain competitive. I also focus on areas where the proposed rule should be improved and on how DoD can assure prospective suppliers of sensible administration and oversight.
-
New GSA Rule For Commercial Supplier Contracts: A Mixed Bag
Law360 (Portfolio Media)
GSA spends billions on commercial IT and software. But Commercial Sales Agreements often contain terms and conditions that conflict with federal law. This article looks at recent actions by GSA that resolve fifteen contract terms that regularly frustrated the ability of federal buyers to access commercial sources. The same GSA action, unfortunately, implemented a seemingly technical change - to the Order of Precedence Clause - that will create new tensions.
Other authorsSee publication -
View from RJO: OMB's New Guidance on Using Acquisition Methods to Improve Cybersecurity
Bloomberg BNA Federal Contracts Report
OMB's proposed Guidance signals new regulatory obligations to better protect the confidentiality of federal "controlled unclassified information" in the hands of private contractors. OMB's new initiative goes further than previous measures. Companies can expect specific contract terms to impose cyber reporting obligations. For more sensitive information, federal agencies likely will perform security assessments and demand continuous threat and event monitoring. Smart companies will…
OMB's proposed Guidance signals new regulatory obligations to better protect the confidentiality of federal "controlled unclassified information" in the hands of private contractors. OMB's new initiative goes further than previous measures. Companies can expect specific contract terms to impose cyber reporting obligations. For more sensitive information, federal agencies likely will perform security assessments and demand continuous threat and event monitoring. Smart companies will self-assess against coming requirements and get ahead of them, rather than risk ineligibility for new awards, competitive disadvantage or non-compliance with contract obligations.
-
Threats to the Supply Chain: Extending Federal Cybersecurity Safeguards to the Commercial Sector
Bloomberg BNA Privacy and Security Law Report
The federal government is working to impose minimum cybersecurity safeguards on the hundreds of thousands of commercial companies who are entrusted with sensitive but unclassified federal information. This article explains the multiple federal initiatives and helps companies prepare for the new requirements. It supersedes and updates earlier works I've authored on this subject area.
-
Cybersecurity for the Rest of Us: Protecting Federal Information of Civilian Agencies
Bloomberg BNA Federal Contracts Report
The federal government shares sensitive information with contractors, state and local governments and educational institutions. While this information is at risk of attack, nonfederal users entrusted with "controlled federal information" are not now subject to minimum cybersecurity controls. This will change. The federal government will use acquisition methods and contracting tools to elevate cyber protection of its information.
-
GSA Multiple Award Schedule Contracting: Lessons From 2014
Law360
Multiple Award Schedule procurements generated more than $32.7 billion in FY 2014 sales. The GSA's Office of Inspector General, though possessed of limited staff and budget, seeks to enforce compliance with the complex rules that control sales off the federal schedules. In this 2015 article, we focus on the enforcement results from 2014, identify trends, and offer advice to companies on how to conduct self-assessment that will reduce risk of non-compliance.
Other authorsSee publication -
View From RJO: DOD's Cybersecurity Initiative—What the Unclassified Controlled Technical Information Rule Informs Public Contractors About the New Minimums in Today's Cyber-Contested Environment
Bloomberg BNA Federal Contracts Report
DoD is determined that its supply chain elevate its cyber assurance and promptly support any cyber incidents. Though not well understood, the rule published in November 2014 on "Unclassified Controlled Technical Information" requires every company in the DoD supply chain to protect sensitive information and to adopt minimum cyber security measures. New guidance explains how DoD intends to apply this important rule. Our article explores the reasons for the rule and how it will impact the…
DoD is determined that its supply chain elevate its cyber assurance and promptly support any cyber incidents. Though not well understood, the rule published in November 2014 on "Unclassified Controlled Technical Information" requires every company in the DoD supply chain to protect sensitive information and to adopt minimum cyber security measures. New guidance explains how DoD intends to apply this important rule. Our article explores the reasons for the rule and how it will impact the defense supply chain.
Other authorsSee publication -
View From RJO:A Standards-Based WayTo Avoid Counterfeit Electronic Parts
Bloomberg BNA Federal Contracts Report
This article examines key implementation issues in DoD's drive to eliminate counterfeit electronic parts from the defense supply chain. The focus is on how reliance upon industry standards can help resolve compliance questions and aid government in consistent oversight practices.
-
You Don't Have to Report Counterfeits to DOD IG
Law360 (Government Contracts, Aerospace & Defense, Public Policy)
Proper reporting of counterfeit and suspect counterfeit parts is important. But that does not mean the DOD IG is correct in its view that contractors must make ethics program disclosures to the IG when they detect or suspect a counterfeit.
-
New Rule Addresses Supply Chain Assurance
National Defense, NDIA
This article briefly summarizes the new regulations that require systems to detect and avoid counterfeit electronic parts and shows how these rules broadly affect companies at many levels of the aerospace and defense supply chain.
-
View for RJO: Risk-Based Acquisition Strategies to Avoid Failed IT Projects
Federal Contracts Report, Bloomberg BNA
Here, we take some "lessons learned" from failed IT transformation projects and offer ten key recommendations on where to look for risk during the acquisition phase of IT procurements and how to address and manage those risks.
Other authorsSee publication -
Indiana v. IBM: What's At Stake for IT Contractors
Law360 (Appellate, Government Contracts, Technology)
Indiana terminated IBM for default 3 years into a 10-year, $1.4 billion IT modernization project. The Indiana Supreme Court how is to decide whether the default was justified. Mark and I believe the appellate court applied the wrong standard to review whether IBM's performance was satisfactory. it elevated the state's "satisfaction" over all other criteria by which performance was to be measured.
Other authorsSee publication -
View from RJO: GAO's Neglected § 21.8(b): How it Can be Used to Address Concerns That Bid Protests are too Costly and Disruptive
Bloomberg BNA Federal Contracts Report
This article shows how GAO can use available authority to take a more rigorous look at what remedies or corrective action to recommend in a protest that is successful on the merits.
Other authorsSee publication -
Making the Best of the Final DFARS re Counterfeit Parts
ERAI - Insight Newsletter
In this article, I take a hard look at four of the toughest implementation issues that surround the new DFARS rule on detection and avoidance of counterfeit electronic parts and I offer pragmatic approaches to compliance and oversight.
-
View From RJO: The Challenge of Pricing Commercial Items
Bloomberg BNA Federal Contracts Report
Some federal buyers are pressing to narrow the definition of "commercial items" that are purchased with reduced cost or pricing disclosure obligations. This column examines the reasons behind the government's concerns and suggests ways to respond that would not frustrate federal access to commercial sources or impose costly new disclosure burdens on suppliers.
Other authorsSee publication -
Armed at Home
Open Magazine
Open Magazine (India) asked 10 experts for "radical" ideas on how the next government of India can achieve 10% GDP growth. I proposed ways that India can develop and sustain an indigenous defense industry. India's security requirements are big enough, for sure. But big changes are required for India to become the principal source of its own military equipment.
-
Convergence of Counterfeit and Cyber Threats: Understanding New Rules on Supply Chain Risk
Bloomberg BNA Federal Contracts Report
This article examines the cyber threats posed by counterfeit parts that harbor malicious code and looks at new DoD rules to exclude suspect sources.
-
GSA Multiple Award Schedule Contracting: Lessons From 2013
Law360 / Portfolio Media
This article examines compliance and enforcement trends in GSA Multiple Award Schedule (MAS) contracting. The federal government spends $35 billion annually through these contracting vehicles. Key issues concern the use of schedule contracts for the pricing of services. MAS contractors are exposed to GSA oversight and audit, and should examine their practices to assure compliance.
Other authorsSee publication -
Advanced regional turboprop aircraft: Solution to India's aviation infrastructure restraints
The Economic Times
India needs to grow its civil aviation capabilities. But getting this done given infrastructure constraints is a huge challenge. This article urges a national program to develop and build and advanced regional turboprop civil transport. Such an initiative should welcome foreign design and engineering partners. It will contribute also to India's indigenous aerospace industrial base and to manufacturing jobs.
-
The Many Challenges Facing Civil Aviation in India
India Law News (ABA Section of International Law)
India faces difficult choices as it seeks to modernize its aviation infrastructure and grow its civil aviation industry. This article surveys the range of challenges that confront India's leadership and companies that seek to participate in the dynamic, difficult multi-billion dollar Indian civil aviation market.
-
Offsets Loom Large As Defense Firms Sell More Abroad
Law360 (Portfolio Media, Inc.)
Offsets have become an enormous obligation of the world's leading aerospace and defense firms. This article explores the importance of offsets to securing foreign sales and the attending performance and compliance risks.
-
DoD Counterfeit Parts Rule -- So Little After So Long
Law360
A concise assessment of what's included and excluded from the long-awaited proposed DFAR rule on counterfeit parts detection and avoidance.
-
The 'VVIP' Helicopter Scandal: Steering towards a Positive Response
Indian Defence Review
India's defence acquisition policies and process are now being changed as the Government responds to the revelations and allegations of bribery that surround a VVIP helicopter procurement. This article -- my third for Indian Defence Review -- offers an assessment of what lessons can be learned from the scandal and offers suggestions on how improved anti-corruption efforts will benefit India in its quest for military self-sufficiency and indigeneous defence production.
-
New DOD Counterfeit Prevention Policy: Resolves Responsibilities Within DOD But Leaves Many Contractor Questions Unresolved
Bloomberg BNA Federal Contracts Report
This article examines closely DoD's recently issued Counterfeit Parts Prevention policy. It is the 4th in a series of articles I've written on supply chain risk management for this Bloomberg publication. I appreciate the restraint of the new DoD policy but express concern that it leaves too much for future decision and implementation.
-
The Importance of Competitive Negotiations to State Information Technology Procurement
The Procurement Lawyer, Vol. 48, No. 3 (Spring 2013)
State and local governments rely on information technology. New and emerging technologies offer great opportunity to save money while improving responsiveness. To reach the best deal between buyer and seller, the award of state and local IT contracts should be achieved through competitive negotiations. This new article helps inform both state buyers and IT vendors of the reasons for use of a negotiation process. By comparing the experience of three states, California, Oregon and New York, it…
State and local governments rely on information technology. New and emerging technologies offer great opportunity to save money while improving responsiveness. To reach the best deal between buyer and seller, the award of state and local IT contracts should be achieved through competitive negotiations. This new article helps inform both state buyers and IT vendors of the reasons for use of a negotiation process. By comparing the experience of three states, California, Oregon and New York, it offers valuable lessons to consider as more states are persuaded to use the competitive negotiations procurement technique.
Other authorsSee publication -
Making Offsets Work for India
Indian Defence Review
This article, for India's leading national security journal, takes a granular look at implementation and administration of India's defense offset program. It urges improvements to make the program more businesslike and successful for India's purposes.
-
Defence: Work with Uncle Sam
The Economic Times (India)
This OpEd, published in The Economic Times, urges India to press for collaborative development of aerospace and defense systems with the U.S. Its premise is that India's sizable defense expenditures give it leverage to secure active U.S. cooperation in a joint development project optimized for India's security needs and national economic objectives.
-
An Appraisal of Select Provisions of the FY 2013 National Defence Authorization Act
Federal Contracts Report, The Bureau of National Affairs, Inc.
This article continues my series examing legislative and regulatory initiaties to combat the threat of counterfeit parts and improve supply chain security against infiltration of malicious parts. The focus is on the latest Congressional enactments affecting item unique device identification, a qualified "safe harbor" for defense contractors, and reliance upon a domestic industrial base for key systems and networks.
-
What Contractors Can Learn from Indiana v. IBM
Law360
IBM's implementation of an automated welfare system for the State of Indiana proved to be a disaster and provoked exhaustive litigation. Implementation of new IT systems for state governments always are difficult and often prove contentious. This article explores the controversy and offers prophylactic advice to systems integration contractors.
Other authorsSee publication -
Counterfeit Electronic Parts: What to Do Before the Regulations (and Regulators) Come - Part I
Bloomberg BNA - Federal Contracts Report
-
US-India Defence Cooperation: Towards an Enduring Relationship
Indian Defence Review
Intended to be a balanced, careful review of the opportunities and challenges for U.S.-India defense industrial cooperation.
-
Counterfeit Parts: What to do Before the Regulations (and Regulators) Come? Practical Steps Industry Can Take Now - Part II
Bloomberg BNA Federal Contracts Report
This article - Part 2 of a series - explores DoD's "Overarching Guidance" of March 16, 2012 and examines practical measures industry can take now, before issuance of new DFARS and FAR regulations.
-
A "Work in Progress - The Evolving U.S.-India Defense Supply Relationship
India Law News (ABA Section of International Law)
Reviewing opportunities presented by India's requirements for defense supplies and services and discussing India's procurement process
Other authors -
A Decade of GAO OCI Decisions: Is the Past the Prologue?
BNA Federal Contracts Report
This article examines the previous ten years' history of GAO decisions on organizational conflict of interest (OCI).
Other authors -
Final DFARS OCI Rules -- A Retreat from what Some Feared, a Sign of What is to Come?
West, The Government Contractor
On December 29, 2010, DoD issued its final rule on organizational conflict of interest (OCI) on major defense acquisition programs. It was a considerable retreat from what had been proposed - but still has powerful implications for systems engineering and technical advisory contractors. This is a thorough analysis
-
A Critical Assessment of the GAO Bid Protest Mechanism
Wisconsin Law Review
A thorough comparison of the process and methods employed by the GAO and the Court of Federal Claims in resolving contract award controversies
Other authors -
COFC Limits Sole-Source Procurement of Combat Helicopter Parts; Finds Both CICA and OCI Violations
Thomson West, The Government Contractor
This article examines the Court of Federal Claims decision in Filtration Development Co., LLC v. U.S., in which protester successfully challenged an OCI waiver and use of an "urgent and compelling" exception to "full and fair competition" requirements of CICA
Other authors -
Communications Convergence
The Computer & Internet Lawyer
an early appreciation of the implications of IP telephony for the legacy categorical telecommunications regulatory regime, anticipating the decline of the circuit-switched network
-
When More Produces Less: California's IT Terms and Conditions Produce Less Competition and Lower Value
ABA, The Procurement Lawyer
This article was a "ground breaking" look at how overly restrictive, risk-averse terms and conditions could operate to frustrate competition and prevent realizing "best value" in state information technology procurement.
Other authors -
Reforming Post-Cold War US Arms Sales Policy: the Crucial Link between Exports and the Defence Industrial Base
The Journal of Strategic Studies
an assessment of the importance to the U.S. industrial base of security assistance arrangements and international defense markets
Other authors -
Arms Control Enters the Gray Area
International Security
an examination of the security implications of the Soviet Union's intermediate range missiles to the U.S. and Europe
Other authors
Honors & Awards
-
2024 Lawdragon 500 Leading Global Cyber Lawyers
Lawdragon
In this inaugural guide, the highly respected rating authority, Lawdragon, recognizes the legal industry’s leading authorities on privacy, technology transactions, national security, emerging technologies and data security. As with Lawdragon’s other closely-watched lists, editors considered nominations, independent research and peer feedback when selecting honorees. I was among those honored by recognition. Lawdragon referenced my work in governmentu contracts, cybersecurity, supply chain and…
In this inaugural guide, the highly respected rating authority, Lawdragon, recognizes the legal industry’s leading authorities on privacy, technology transactions, national security, emerging technologies and data security. As with Lawdragon’s other closely-watched lists, editors considered nominations, independent research and peer feedback when selecting honorees. I was among those honored by recognition. Lawdragon referenced my work in governmentu contracts, cybersecurity, supply chain and national security matters.
-
"Top Voice"
LinkedIn
As described by LinkedIn, the "Top Voice" badge recognizes "senior-level experts and leaders who consistently share valuable and original insights on the platform.
-
2024 “Thought Leaders - USA - Government Contracts” + 2023 “Recommended - Government-Government Contracts”
Lexology - Who’s Who Law
I’m grateful to be listed among 27 excellent practitioners who are also designated this year for “Thought Leaders” for “USA-Government Contacts’
-
Top Ranked Lawyer
Chambers USA
"Notable Practitioner" per Chambers and ranked in Band 1 USA USA-Nationwide Government Contracts: Cybersecurity. Ranked in Band 2 USA-Nationwide Government Contracts. Chambers review: "Robert Metzger is routinely called upon by clients for his expertise in cybersecurity matters, assisting clients with high-stakes contract procurements, qui tam litigation and compliance issues." Strengths (provided by Chambers, from a cybersecurity client) include: "He is probably the best around in dealing with…
"Notable Practitioner" per Chambers and ranked in Band 1 USA USA-Nationwide Government Contracts: Cybersecurity. Ranked in Band 2 USA-Nationwide Government Contracts. Chambers review: "Robert Metzger is routinely called upon by clients for his expertise in cybersecurity matters, assisting clients with high-stakes contract procurements, qui tam litigation and compliance issues." Strengths (provided by Chambers, from a cybersecurity client) include: "He is probably the best around in dealing with cybersecurity-related government contract matters."
-
Recognized Lawyer
The Legal 500
"Robert Metzger, who has developed and 'exceptional' reputation for litigation and and bid protests, as well as cybersecurity-related issues." And from a client testimonial: "‘Robert Metzger support by Lauren Kramer and Amber Lee are exceptional in their own right. As a team, it’s hard to imagine a more talented group. What stands out most from my experience working with this group is how much they genuinely cared about the outcome of the case. I came to view them not as our outside counsel…
"Robert Metzger, who has developed and 'exceptional' reputation for litigation and and bid protests, as well as cybersecurity-related issues." And from a client testimonial: "‘Robert Metzger support by Lauren Kramer and Amber Lee are exceptional in their own right. As a team, it’s hard to imagine a more talented group. What stands out most from my experience working with this group is how much they genuinely cared about the outcome of the case. I came to view them not as our outside counsel, but as trusted friends who were in this together with our company. I can think of no higher compliment to pay them.’"
-
Ranked Lawyer (Band 2) 2020 Chambers USA
Chambers and Partners
Robert Metzger is routinely called upon by clients for his expertise in cybersecurity matters, assisting clients with high-stakes contract procurements, qui tam litigation and compliance issues. "Bob Metzger is an expert in the important, evolving areas of cybersecurity and supply chain risk. He is on the cutting edge of developments involving Covered Defense Information (CDI) and Controlled Unclassified Information (CUI), and is extremely knowledgeable and well connected with industry…
Robert Metzger is routinely called upon by clients for his expertise in cybersecurity matters, assisting clients with high-stakes contract procurements, qui tam litigation and compliance issues. "Bob Metzger is an expert in the important, evolving areas of cybersecurity and supply chain risk. He is on the cutting edge of developments involving Covered Defense Information (CDI) and Controlled Unclassified Information (CUI), and is extremely knowledgeable and well connected with industry leaders," reports an interviewee.
-
Program Recognition Award
The MITRE Corporation
This prestigious award was granted to the members of the “Deliver Uncompromised” project team. I was one of the four authors of the Report which has been influential in changing cyber in supply chain security policies of the federal government.
-
SANS 2018 Difference Maker
SANS Institute
The SANS Institute describes the "Difference Maker" award as honoring persons in cyber security whose "innovation, skill, and hard work have resulted in real successes in information security." The award given to the DSB Cyber Supply Chain Report recognized its contributions to changes in DoD acquisition policy and "effective actions by the DoD that address the challenges of supply chain security."
-
"Expert" Practitioner Rating | Government Contracts (USA)
Who'sWhoLegal
I was among the 49 U.S. attorneys identified as "Experts" by Who'sWhoLegal for 2016.
-
Ranked Lawyer (Band 3) 2016 Chambers USA | Government: Government Contracts - Nationwide
Chambers and Partners
This year, Chambers said of me: "Bob Metzger is the head of the firm's Washington, DC office. He is highly regarded among the government contracts Bar for his enforcement, litigation and bid protests practice. He represents clients in the aerospace and defense, telecom, IT, professional services and electronics sectors, among other industries."
-
2016 "Federal 100" Award
Federal Computer Week
Federal Computer Week has named me a recipient of a 2016 "Federal 100" Award for significant contributions to federal government IT. Federal 100 Awards are made to the government, industry and academic leaders who have played pivotal roles that affect how the federal government acquires, develops and manages information technology. I am recognized for my contribution to federal initiatives to improve cyber and supply chain security practices of federal contractors. Further information is at…
Federal Computer Week has named me a recipient of a 2016 "Federal 100" Award for significant contributions to federal government IT. Federal 100 Awards are made to the government, industry and academic leaders who have played pivotal roles that affect how the federal government acquires, develops and manages information technology. I am recognized for my contribution to federal initiatives to improve cyber and supply chain security practices of federal contractors. Further information is at https://fcw.com/articles/2016/02/08/2016-federal-100-winners.aspx.
-
"Expert" Practitioner Rating
Who's Who Legal
Who's Who Legal, published by Law Business Research Ltd., included Rogers Joseph O'Donnell as one of 27 listed U.S. firms and designated firm founder, Neil O'Donnell, and me among 48 U.S. lawyers cited as "Experts" in the Government Contracts field.
-
Rated Practice (Tier 2)
The Legal 500
The 2015 US edition of The Legal 500 for the first time ranks the Government Contracts practice of US law firms. RJO was ranked in Tier 2, among the top six of the eighteen firms selected for recognition. We are the only boutique among the ranked firms. The Legal 500 highlights “practice area teams who are providing the most cutting edge and innovative advice to corporate counsel.” We are proud that our dedicated team, from our San Francisco and Washington offices, earned this special…
The 2015 US edition of The Legal 500 for the first time ranks the Government Contracts practice of US law firms. RJO was ranked in Tier 2, among the top six of the eighteen firms selected for recognition. We are the only boutique among the ranked firms. The Legal 500 highlights “practice area teams who are providing the most cutting edge and innovative advice to corporate counsel.” We are proud that our dedicated team, from our San Francisco and Washington offices, earned this special recognition. At http://www.legal500.com/c/united-states/government/government-contracts#table_3153
-
Ranked Lawyer (Band 3)
Chambers & Partners
In the 2015 Chambers ratings, I advanced to "Band 3" among individually ranked lawyers, meaning that I am among the top 34 rated lawyers. My firm, Rogers Joseph O'Donnell, remains ranked in "Band 2." As a firm, we are the only boutique among the top eight. I am pleased that several of my colleagues also were recognized by Chambers: Neil O'Donnell, Patricia Meagher, Aaron Silberman and Jeffery Chiow. At http://www.chambersandpartners.com/12788/690/editorial/5/1#RankedLawyers_Tab
-
Rated Lawyer (Government Contracts - National)
Chambers & Partners
The 2014 Chambers USA ranks RJO in "band 2" of U.S. government contracts firms. We are the only "boutique" so recognized in the top nine U.S. firms. I am ranked individually by Chambers in "band 4." Chambers reports that I have "[d]iverse subject area expertise including IT acquisition, supply chain and cyber security, state and local procurement, international defense transactions. Bid protests and civil litigation in state and federal courts."
-
Recognized Practitioner (Media, Technology & Telecoms)
The Legal 500
Before coming to RJO, much of my practice focus was on advanced regulatory issues that accompanied "telecommunications convergence," i.e., IP-enabled communications. I was recognized in the 2010 issue of The Legal 500, for example, for work involving video services offered by telecom companies and regulation of carrier landline and wireless facilities. In the 2006 issue of The Legal 500, I was ranked as among the top telecom litigation and appellate lawyers in the United States. "Clients…
Before coming to RJO, much of my practice focus was on advanced regulatory issues that accompanied "telecommunications convergence," i.e., IP-enabled communications. I was recognized in the 2010 issue of The Legal 500, for example, for work involving video services offered by telecom companies and regulation of carrier landline and wireless facilities. In the 2006 issue of The Legal 500, I was ranked as among the top telecom litigation and appellate lawyers in the United States. "Clients recognize that, 'although not one of the biggest telecom names, the practice, and in particular Robert Metzger, have shown great thinking on the latest issues." "Metzger is recognized as having an impressive influence on developing strategies for carriers dealing with convergence issues."
-
Plank Owner, Standard Missile Company
United States Navy, Naval Sea Systems Command
Awarded in recognition of my role in the creation of the joint venture LLC, the "Standard Missile Company" (SMCo) that was formed by Hughes Aircraft Company and Raytheon Company. Its principal purpose was to retain critical technologies of both sponsors and to fulfill the Navy's objectives to develop and deploy the Standard Missile system for tactical and theater missile defense missions.
Organizations
-
Science & Technology Section, American Bar Association
Vice-Chair, Information Security Committee
- Present -
International Institute of Strategic Studies
-
More activity by Robert
-
I see two failures. The first is companies choosing to use Windows as an operating system for critical infrastructure. Windows is an OS for end users…
I see two failures. The first is companies choosing to use Windows as an operating system for critical infrastructure. Windows is an OS for end users…
Liked by Robert Metzger
Other similar profiles
-
Jacob Horne
Connect -
Amira Armond
President @ Kieri Solutions | CMMC educator | Cybersecurity advocate
Connect -
Jason R... Weiss
Connect -
Eric Crusius
Connect -
Stacy Bostjanick
Connect -
Katie Arrington
Connect -
Joy Belinda Beland QTE, CISM, CMMC PI CCA
Connect -
Koren Wise
Connect -
James Goepel
Connect -
Jen Easterly
Connect
Explore collaborative articles
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
Explore MoreOthers named Robert Metzger in United States
-
Robert METZGER
Served 21 years in the U.S. Army
-
Robert METZGER
Director of Brand Partnerships + Specialty Coffee Industry Creative + Relationship Manager + Artist/Photographer
-
Robert Metzger
-
Robert Metzger
Professor of Chemistry at The University of Alabama
182 others named Robert Metzger in United States are on LinkedIn
See others named Robert Metzger