Navigating Federal Cybersecurity Requirements and Enforcement for Government Contractors and Grant Recipients

Mr. Johnson brings two decades of legal experience in national security, litigation, cybersecurity, data privacy, and AI to his practice. He represents multinational corporations, government entities, technology companies, and defense contractors in complex regulatory matters, investigations, and enforcement actions and advises clients on cyber incident response, AI governance, export controls, sanctions, CFIUS, the False Claims Act, and emerging technologies. His work has included counseling organizations through internal investigations with geopolitical implications and representing them before congressional oversight committees. Mr. Johnson focuses on helping clients navigate high-stakes regulatory, operational, and compliance matters at the intersection of emerging technologies and national security law. His practice encompasses advising on the development and governance of AI technologies, coordinating with regulators on cyber, UAS (drone), and aerospace matters, and providing counsel on constitutional issues arising from technology use. Mr. Johnson has regularly appeared before House and Senate committees and works closely with U.S. agencies including the Intelligence Community, FBI, CISA, DHS, DOJ, State Department, and Treasury. He’s worked extensively with the National Security Council under multiple presidential administrations. Prior to private practice, Mr. Johnson served in senior national security positions as the Deputy General Counsel to the Commander of U.S. Cyber Command / Director of the National Security Agency (NSA), where he provided proactive legal counsel to senior DoD leaders on cyber operations (offensive and defensive), data privacy, AI, cryptocurrency, UAS (drones), complex investigations, and regulatory compliance. He also served as Senior Counsel to the Cyber National Mission Force’s AI Task Force and Public-Private Collaboration Center, where he led AI governance efforts, advised on AI frontier model adoption, and negotiated agreements with technology companies for national security purposes. His legal career includes positions as a federal prosecutor, appellate attorney, and Special Assistant U.S. Attorney for the DOJ.

Ms. Kim focuses her practice on government contracts and procurement matters. She also advises clients on complex cybersecurity and privacy compliance issues, often involving dual use technologies and applications. Ms. Kim has worked with clients operating in an array of industries to navigate these sectors of the law, including providers of critical government infrastructure solutions, aviation and aerospace systems, enterprise cloud services, and autonomous defense systems. She advises clients on bid protests and claims involving state and federal level government procurements, including before the Government Accountability Office, U.S. Court of Federal Claims, and the California Department of General Services, and also provides industry-specific counsel on obligations under the Federal Acquisition Regulation, the Cybersecurity Maturity Model Certification program, NIST special publications, CCPA/CPRA, and related privacy and cybersecurity frameworks. Ms. Kim works closely with clients to provide strategic guidance on their supply chain risk management postures, B2B negotiations on federal contracting obligations, data rights assertions and IP markings, diligence on buy-side and sell-side transactions, agency disclosure obligations, and internal compliance procedures. She has also represented clients on complex litigation and arbitration proceedings.

Ms. Ross advises government contractors from a diverse range of industries on regulatory matters including compliance with government regulations, contract disputes, defense of claims, and government investigations. She focuses her practice on matters of compliance, investigations and disclosure obligations, litigating bid protests before the Court of Federal Claims and the Government Accountability Office, and resolving government contractor disputes and claims. Ms. Ross assists clients in managing complex government regulatory requirements in the areas of cybersecurity, data protection, supply chain, Foreign Ownership, Control, or Influence, and domestic preferences. She provides strategic and practical advice to clients on federal contract compliance obligations, particularly in connection with cybersecurity, supply chain risk management, and privacy. Among other things, Ms. Ross counsels clients on obligations in the Federal Acquisition Regulation, Code of Federal Regulations , Cybersecurity Maturity Model Certification program, and Federal Risk and Authorization Management Program. She also advises clients on agency-specific requirements from the Department of Defense, Department of Homeland Security, and Department of Justice, and others. She works with clients to understand government regulations, develop compliance plans, and implement those plans.