Compliance & Risk
S. 2264, Advancing Department of Veterans Affairs Emergency Response to Crises Act of 2026
As ordered reported by the Senate Committee on Veterans’ Affairs on March 18, 2026
Cabrillo Club·April 1, 2026
All Articles
Compliance & Risk
Compliance & Risk Articles
Regulatory guidance, compliance frameworks, and risk mitigation.
187 articles
Compliance & Risk
Hegseth, VA Secretary Honor Vietnam War Vets
Secretary of War Pete Hegseth and Doug Collins, Veterans Affairs secretary, were joined by dozens of former service members, Gold Star family members and others at the Vietnam War Memorial in Washington for a ceremony in recognition of National Vietnam War Veterans Day.
Cabrillo Club·March 29, 2026
Compliance & Risk
Is Peraton CMMC and FedRAMP Compliant? 2026 Status
Peraton compliance overview: FedRAMP authorization status, CMMC posture, cybersecurity modernization efforts, and what defense contractors evaluating Peraton need to know.
Cabrillo Club·March 21, 2026
Compliance & Risk
The Complete CMMC Compliance Guide
Everything defense contractors need to know about CMMC 2.0 certification in 2026. Covers requirements, costs, step-by-step certification process, CRM compliance, and how to reduce your assessment boundary.
Cabrillo Club·March 21, 2026
Definitive GuidesCompliance & Risk
CMMC Flowdown Requirements and Your CRM: What Primes Owe Subcontractors (and Vice Versa)
When primes share CUI with subcontractors via CRM, the sub's CRM must also meet CMMC requirements. This guide covers 32 CFR 170.23 flowdown rules, how CUI flows through CRM in prime-sub relationships, verification obligations, common failures, and why purpose-built CRM solves the 300,000-company supply chain compliance problem.
Cabrillo Club·February 25, 2026
Operating PlaybooksCompliance & Risk
CRM Migration to CMMC Compliance: The Defense Contractor's Roadmap
The defense contractor's roadmap for migrating CRM to CMMC compliance before Phase 2 enforcement. Covers three migration paths (gov cloud upgrade, purpose-built CRM, dual environment), 8-phase timeline, CUI data cleansing, integration challenges, and realistic cost analysis ($50K-$200K).
Cabrillo Club·February 25, 2026
Definitive GuidesCompliance & Risk
The True Cost of CRM Non-Compliance: False Claims Act, Contract Loss, and Hidden Risks for Defense Contractors
Most defense contractors frame CRM compliance as a technology cost. The real calculation is what non-compliance costs: False Claims Act treble damages, DOJ Cyber-Fraud Initiative enforcement, contract loss at recompete, breach remediation, and insurance gaps. 3-year risk-adjusted cost of non-compliance: $3.4M-$16.2M vs $105K-$365K for compliant CRM.
Cabrillo Club·February 25, 2026
Technical Deep DivesCompliance & Risk
CUI Spillage in CRM Systems: Prevention, Detection, and Incident Response for Defense Contractors
CUI spillage in CRM systems is one of the most common and underreported compliance failures in defense contracting. This guide covers spillage vectors, detection methods, the DFARS 7012 72-hour reporting requirement, a 6-phase incident response playbook, and how CUI-safe CRM architecture prevents spillage by design.
Cabrillo Club·February 25, 2026
Product ComparisonsCompliance & Risk
Salesforce Government Cloud vs Microsoft Dynamics 365 GCC High vs Purpose-Built CUI-Safe CRM for Defense Contractors
Side-by-side comparison of Salesforce Government Cloud, Microsoft Dynamics 365 GCC High, and purpose-built CUI-safe CRM for defense contractors handling CUI. Covers FedRAMP authorization levels, CMMC Level 2 control coverage, cost per user, migration timelines, and when each platform makes sense.
Cabrillo Club·February 25, 2026
Compliance & RiskDefinitive Guides
FAR and DFARS for Defense Contractors: The Essential Compliance Quick Reference
Practical FAR and DFARS quick reference for defense contractors. Covers the regulatory structure, critical clauses (DFARS 252.204-7012, CMMC 7021, CAS, TINA), flowdown requirements, FY2026 NDAA threshold changes, and small business compliance relief.
Cabrillo Club·February 25, 2026
Operating PlaybooksCompliance & Risk
CMMC Assessment Preparation Guide: Your Complete Readiness Checklist
Your complete CMMC assessment readiness checklist — from SSP and POA&M preparation to evidence collection, mock assessments, C3PAO selection, and day-of management. Includes a 90-day preparation timeline and evidence requirements for all 14 NIST 800-171 control families.
Cabrillo Club·February 24, 2026
Definitive GuidesCompliance & Risk
CMMC Certification Cost in 2026: Complete Breakdown for Defense Contractors
Complete breakdown of CMMC certification costs for 2026 — from Level 1 self-assessment ($5K–$20K) to Level 2 C3PAO assessment ($50K–$200K+). Covers assessment fees, technology remediation, consulting, and ongoing compliance costs by organization size.
Cabrillo Club·February 24, 2026
Compliance & RiskDefinitive Guides
CMMC Compliant CRM Checklist: 25 Requirements Your CRM Must Meet
The definitive CMMC CRM compliance checklist — 25 requirements organized by NIST 800-171 control family. Includes CRM platform scorecard comparing Salesforce Gov, Microsoft Dynamics GovCloud, HubSpot, and Cabrillo Club across all control families.
Cabrillo Club·February 24, 2026
Definitive GuidesCompliance & Risk
CMMC for Small Business: The Practical Compliance Guide for 2026
Practical CMMC compliance guide designed for small defense contractors. Covers realistic cost expectations, step-by-step compliance roadmap for small teams, SBA and DoD resources, technology stack recommendations, and common mistakes to avoid.
Cabrillo Club·February 24, 2026
Technical Deep DivesCompliance & Risk
CMMC Level 2 Requirements: All 110 Security Controls Explained
Comprehensive guide to all 110 CMMC Level 2 security requirements mapped from NIST SP 800-171. Covers all 14 control families — Access Control through System Integrity — with assessor expectations, common failures, and implementation guidance.
Cabrillo Club·February 24, 2026
Compliance & RiskDefinitive Guides
CMMC Timeline 2026: Every Key Date and Deadline Defense Contractors Must Know
Every key CMMC date and deadline defense contractors must know for 2026. Covers the phased implementation timeline from self-assessment requirements through full enforcement, C3PAO scheduling reality, and consequences of missing deadlines.
Cabrillo Club·February 24, 2026
Technical Deep DivesCompliance & Risk
Email Ingestion and CUI: The Compliance Blind Spot Most Defense Contractors Miss
The compliance blind spot most defense contractors miss: email ingestion into non-compliant CRMs. Covers how CUI enters email, what happens when it hits a non-compliant database, NIST 800-171 controls violated, and architecture for CUI-safe email capture.
Cabrillo Club·February 24, 2026
Definitive GuidesCompliance & Risk
GovCon Teaming Agreement Guide: Templates, Checklists, and Legal Essentials for Defense Contractors
Complete teaming agreement guide for defense contractors — from arrangement types (prime/sub, JV, CTA, mentor-protégé) to essential clauses, CMMC compliance flow-down, partner evaluation, and relationship management through proposal and performance.
Cabrillo Club·February 24, 2026
Operating PlaybooksCompliance & Risk
How to Get CMMC Certified: Step-by-Step Guide for Defense Contractors (2026)
Step-by-step walkthrough of the entire CMMC certification process for defense contractors. Covers CUI boundary definition, gap assessment, SSP development, remediation, C3PAO selection, and formal assessment — with a 9–18 month realistic timeline.
Cabrillo Club·February 24, 2026
Technical Deep DivesCompliance & Risk
Zero Trust CRM for GovCon: Architecture, Implementation, and CMMC Alignment
Technical deep dive into zero trust CRM architecture for government contractors. Covers why traditional CRMs fail CMMC, zero trust components (identity verification, micro-segmentation, continuous validation), NIST 800-171 control mapping, and CRM platform evaluation.
Cabrillo Club·February 24, 2026
Compliance & Risk
Fewer than 1% of HHS’s AI uses are ‘high impact.’ It stands out.
HHS has classified fewer than 1% of its nearly 450 AI use cases as 'high impact' requiring heightened risk management, a significantly lower rate than other major agencies like DHS (23%), DOJ (36%), and VA (59%). This raises concerns about potential misclassification and inconsistent AI governance practices across federal agencies, which could impact how contractors develop and implement AI solutions for HHS. The discrepancy suggests contractors may face varying AI risk management requirements depending on the agency, affecting compliance strategies and solution design.
Cabrillo Club·February 23, 2026
Compliance & Risk
Fewer than 1% of HHS’s AI uses are ‘high impact.’ It stands out.
HHS has classified fewer than 1% of its nearly 450 AI use cases as 'high impact' requiring heightened risk management, a significantly lower rate than other major agencies like DHS (23%), DOJ (36%), and VA (59%). This raises concerns about potential misclassification and inconsistent AI governance practices across federal agencies, which could impact how contractors develop and implement AI solutions for HHS. The discrepancy suggests contractors may face varying AI risk management requirements depending on the agency, affecting compliance strategies and solution design.
Cabrillo Club·February 23, 2026
Compliance & Risk
Fewer than 1% of HHS’s AI uses are ‘high impact.’ It stands out.
HHS has classified fewer than 1% of its nearly 450 AI use cases as 'high-impact' requiring enhanced risk management oversight—a stark contrast to DHS (23%), DOJ (36%), and VA (59%). This classification gap signals inconsistent AI governance implementation across federal agencies and creates immediate compliance uncertainty for contractors developing AI solutions. Contractors must prepare for potential reclassification waves, agency-specific AI risk frameworks, and heightened scrutiny on existing HHS AI deployments. The discrepancy represents both a compliance risk and a strategic opportunity for firms that can navigate multi-agency AI governance requirements.
Cabrillo Club·February 23, 2026
Compliance & Risk
Regional Ocean Partnerships Reauthorization Act of 2026
The Regional Ocean Partnerships Reauthorization Act of 2026 is legislation that reauthorizes existing regional ocean partnership programs. This may create or extend contracting opportunities for government contractors working in ocean research, environmental monitoring, coastal management, and related marine science services. Contractors in environmental consulting, data collection, and oceanographic services should monitor this legislation for potential funding and program continuation.
Cabrillo Club·February 22, 2026
Compliance & Risk
Regional Ocean Partnerships Reauthorization Act of 2026
The Regional Ocean Partnerships Reauthorization Act of 2026 is legislation that reauthorizes existing regional ocean partnership programs. This may create or extend contracting opportunities for government contractors working in ocean research, environmental monitoring, coastal management, and related marine science services. Contractors in environmental consulting, data collection, and oceanographic services should monitor this legislation for potential funding and program continuation.
Cabrillo Club·February 22, 2026
Compliance & Risk
Regional Ocean Partnerships Reauthorization Act of 2026
The Regional Ocean Partnerships Reauthorization Act of 2026 extends federal funding and program authority for collaborative ocean research and coastal management initiatives across multiple regional partnerships. This legislation sustains multi-year contracting pipelines for environmental monitoring, oceanographic data collection, and marine science services primarily through NOAA and DOC, with cross-agency collaboration from EPA, DOI, USGS, and Navy. Contractors holding positions on OASIS+, POLARIS, GSA MAS, and SeaPort-NxG should immediately review their capture pipelines for affected agencies and prepare for recompete cycles and new task order releases tied to continued appropriations. This is a program continuation event—not a new market—but it confirms budget stability and signals upcoming solicitation activity in FY2027-2031.
Cabrillo Club·February 22, 2026
Compliance & Risk
Export-Import Bank Reauthorization Act of 2026
The Export-Import Bank Reauthorization Act of 2026 represents congressional action to extend the authorization of the Export-Import Bank, which provides financing support for U.S. exports. This reauthorization impacts government contractors and businesses engaged in international trade by ensuring continued access to export credit financing, loan guarantees, and insurance programs that facilitate overseas sales of U.S. goods and services. Contractors involved in defense, aerospace, infrastructure, and other export-oriented sectors should monitor the specific terms, funding levels, and any policy changes included in this reauthorization.
Cabrillo Club·February 22, 2026
Compliance & Risk
Export-Import Bank Reauthorization Act of 2026
The Export-Import Bank Reauthorization Act of 2026 represents congressional action to extend the authorization of the Export-Import Bank, which provides financing support for U.S. exports. This reauthorization impacts government contractors and businesses engaged in international trade by ensuring continued access to export credit financing, loan guarantees, and insurance programs that facilitate overseas sales of U.S. goods and services. Contractors involved in defense, aerospace, infrastructure, and other export-oriented sectors should monitor the specific terms, funding levels, and any policy changes included in this reauthorization.
Cabrillo Club·February 22, 2026
Compliance & Risk
Export-Import Bank Reauthorization Act of 2026
The Export-Import Bank Reauthorization Act of 2026 extends the authorization of the Ex-Im Bank, ensuring continued access to export credit financing, loan guarantees, and insurance programs for U.S. exporters. This 10-year reauthorization provides critical certainty for defense, aerospace, infrastructure, and manufacturing contractors pursuing international sales, particularly those in long-cycle capital equipment and project finance deals. Contractors with ITAR-controlled products, heavy equipment exports, or international infrastructure projects should immediately assess their export finance strategies and pipeline opportunities that depend on Ex-Im Bank support. The reauthorization maintains a vital competitive tool against foreign export credit agencies while reinforcing compliance requirements under ITAR, EAR, and trade agreement frameworks.
Cabrillo Club·February 22, 2026
Compliance & Risk
Make Housing Affordable and Defend Democracy Act
The Make Housing Affordable and Defend Democracy Act has been referred to multiple House committees including Armed Services, Homeland Security, and the Judiciary for consideration. While the bill's title suggests focus on housing and democratic processes, its referral to Armed Services and Homeland Security committees indicates potential implications for defense and homeland security contractors. The specific provisions and their impact on government contracting remain unclear pending committee review and bill text analysis.
Cabrillo Club·February 22, 2026
Compliance & Risk
Make Housing Affordable and Defend Democracy Act
The Make Housing Affordable and Defend Democracy Act has been referred to multiple House committees including Armed Services, Homeland Security, and the Judiciary for consideration. While the bill's title suggests focus on housing and democratic processes, its referral to Armed Services and Homeland Security committees indicates potential implications for defense and homeland security contractors. The specific provisions and their impact on government contracting remain unclear pending committee review and bill text analysis.
Cabrillo Club·February 22, 2026
Compliance & Risk
Make Housing Affordable and Defend Democracy Act
The Make Housing Affordable and Defend Democracy Act has been referred to House Armed Services, Homeland Security, and Judiciary committees, signaling potential reallocation of $175 billion in federal funding from immigration enforcement to housing and democratic infrastructure. Defense, homeland security, and facilities management contractors should monitor committee markups closely, as this legislation could redirect ICE, CBP, and border security appropriations toward housing construction, property management, and legal services contracts. The bill's cross-committee referral indicates complex procurement implications across DOD, DHS, DOJ, HUD, and GSA. Contractors in affected NAICS codes should prepare capture strategies for both potential new housing opportunities and possible immigration enforcement contract reductions.
Cabrillo Club·February 22, 2026
Compliance & Risk
Stop Censoring Military Families Act
The Stop Censoring Military Families Act has been referred to the House Committee on Armed Services and the Committee on Education and Workforce for consideration. This legislation appears to address issues related to military families, though specific provisions and potential impacts on government contractors are not detailed in the available content. Contractors supporting military family programs or education services should monitor this bill's progress for potential policy or operational changes.
Cabrillo Club·February 22, 2026
Compliance & Risk
Stop Censoring Military Families Act
The Stop Censoring Military Families Act has been referred to the House Committee on Armed Services and the Committee on Education and Workforce for consideration. This legislation appears to address issues related to military families, though specific provisions and potential impacts on government contractors are not detailed in the available content. Contractors supporting military family programs or education services should monitor this bill's progress for potential policy or operational changes.
Cabrillo Club·February 22, 2026
Compliance & Risk
Stop Censoring Military Families Act
The Stop Censoring Military Families Act (H.R. 5527), introduced September 19, 2025, by Reps. Raskin and Houlahan, mandates restoration of books removed from Department of Defense Education Activity (DoDEA) schools following prior administration policy changes. A federal judge has already ruled that DOD must cease censoring classroom and library materials on race and gender, creating immediate compliance obligations for DoDEA and contractors supporting military education infrastructure. Contractors providing education services, curriculum development, library management, and social services to military families should prepare for expanded scope requirements and potential contract modifications across OASIS+, Alliant 3, and DoDEA-specific vehicles.
Cabrillo Club·February 22, 2026
Compliance & Risk
Submission for OMB Review; Federal Acquisition Regulation Part 27 Requirements
The Regulatory Secretariat Division has submitted a request to OMB for review and approval of an extension of existing information collection requirements under FAR Part 27, which governs patents, data, and copyrights in government contracting. This is a routine administrative action to maintain current reporting requirements rather than introduce new regulatory changes. Contractors should not expect any immediate changes to their compliance obligations related to intellectual property and data rights under existing FAR Part 27 provisions.
Cabrillo Club·February 21, 2026
Compliance & Risk
Submission for OMB Review; Federal Acquisition Regulation Part 27 Requirements
The Regulatory Secretariat Division has submitted a request to OMB for review and approval of an extension of existing information collection requirements under FAR Part 27, which governs patents, data, and copyrights in government contracting. This is a routine administrative action to maintain current reporting requirements rather than introduce new regulatory changes. Contractors should not expect any immediate changes to their compliance obligations related to intellectual property and data rights under existing FAR Part 27 provisions.
Cabrillo Club·February 21, 2026
Compliance & Risk
Submission for OMB Review; Federal Acquisition Regulation Part 27 Requirements
The Regulatory Secretariat Division has submitted a routine request to OMB for a three-year extension of existing information collection requirements under FAR Part 27, which governs patents, data rights, and copyrights in federal contracting. This is a standard administrative renewal—not a regulatory change—and contractors should expect no immediate modifications to their intellectual property compliance obligations. The current approval expires February 28, 2026, and the proposed extension would maintain existing reporting requirements through 2029. Contractors in technology development, R&D, software, and manufacturing sectors should continue operating under current FAR Part 27 provisions while monitoring for the final OMB approval.
Cabrillo Club·February 21, 2026
Compliance & Risk
House Democrats question DHS, ICE use of surveillance tech
House Democrats are demanding oversight of DHS and ICE's procurement and use of surveillance technologies from vendors Penlink and Paragon, citing concerns about data privacy, civil liberties, and constitutional compliance. The lawmakers are requesting a briefing by March 5 on acquisition processes, legal justifications, data handling procedures, and oversight mechanisms for these surveillance tools. This scrutiny could lead to increased compliance requirements, procurement restrictions, or policy changes affecting contractors providing surveillance and data collection technologies to DHS and its components.
Cabrillo Club·February 20, 2026
Compliance & Risk
House Democrats question DHS, ICE use of surveillance tech
House Democrats are demanding oversight of DHS and ICE's procurement and use of surveillance technologies from vendors Penlink and Paragon, citing concerns about data privacy, civil liberties, and constitutional compliance. The lawmakers are requesting a briefing by March 5 on acquisition processes, legal justifications, data handling procedures, and oversight mechanisms for these surveillance tools. This scrutiny could lead to increased compliance requirements, procurement restrictions, or policy changes affecting contractors providing surveillance and data collection technologies to DHS and its components.
Cabrillo Club·February 20, 2026
Compliance & Risk
House Democrats question DHS, ICE use of surveillance tech
House Democrats are demanding comprehensive oversight of DHS and ICE's procurement and deployment of surveillance technologies, specifically targeting data collection systems from vendors Penlink and Paragon. Lawmakers have set a March 5 deadline for DHS to brief Congress on acquisition processes, legal justifications, data handling procedures, and oversight mechanisms. This scrutiny signals potential procurement restrictions, enhanced compliance requirements, and policy changes that will directly impact contractors providing surveillance, biometrics, location tracking, and investigative support services across DHS components. Contractors in this space must immediately review their privacy frameworks, prepare for heightened acquisition scrutiny, and anticipate new compliance surfaces in upcoming solicitations.
Cabrillo Club·February 20, 2026
Compliance & Risk
GSA reveals first round of awards for Alliant 3 contract
GSA announced the first round of 43 awards for the Alliant 3 GWAC, a no-ceiling governmentwide IT services contract vehicle that will eventually have 76 total awardees. This unrestricted enterprise GWAC enables agencies to issue task orders for cybersecurity, data solutions, systems engineering, cloud services, and other IT services, representing a major procurement opportunity for government contractors. The awards come after a year-long delay due to bid protests and mark a significant shift in how federal agencies will procure IT services.
Cabrillo Club·February 20, 2026
Compliance & Risk
GSA reveals first round of awards for Alliant 3 contract
GSA announced the first round of 43 awards for the Alliant 3 GWAC, a no-ceiling governmentwide IT services contract vehicle that will eventually have 76 total awardees. This unrestricted enterprise GWAC enables agencies to issue task orders for cybersecurity, data solutions, systems engineering, cloud services, and other IT services, representing a major procurement opportunity for government contractors. The awards come after a year-long delay due to bid protests and mark a significant shift in how federal agencies will procure IT services.
Cabrillo Club·February 20, 2026
Compliance & Risk
GSA reveals first round of awards for Alliant 3 contract
GSA has announced the first 43 awardees for Alliant 3, the unrestricted enterprise-level GWAC replacing Alliant 2, with 33 additional awards coming in subsequent phases for a total of 76 contract holders. This no-ceiling IT services vehicle covers cybersecurity, cloud services, data solutions, systems engineering, and digital transformation—representing the primary procurement pathway for complex federal IT initiatives across all civilian and defense agencies. After a year-long delay due to bid protests, Alliant 3 is now operational for task order competitions, fundamentally reshaping the competitive landscape for IT services contractors. Non-awardees must immediately pivot to teaming strategies, while awardees must activate capture operations across all federal agencies authorized to use this vehicle.
Cabrillo Club·February 20, 2026
Compliance & Risk
How commercial drones make the Pentagon’s ‘Blue UAS Select’ list
The Defense Department has launched its Drone Dominance Program with testing at Fort Benning, Georgia, evaluating 25 commercial drone vendors. The Defense Contract Management Agency established the Blue List UAS website cataloging 54 approved drone models (29 with 'select' status for operational deployment), creating a streamlined procurement pathway for military units to acquire compliant commercial drones. This program builds on the 2020 Blue UAS initiative and NDAA requirements prohibiting drones with foreign components from security-risk countries, significantly impacting contractors in the commercial drone market seeking DOD contracts.
Cabrillo Club·February 20, 2026
Compliance & Risk
How commercial drones make the Pentagon’s ‘Blue UAS Select’ list
The Defense Department has launched its Drone Dominance Program with testing at Fort Benning, Georgia, evaluating 25 commercial drone vendors. The Defense Contract Management Agency established the Blue List UAS website cataloging 54 approved drone models (29 with 'select' status for operational deployment), creating a streamlined procurement pathway for military units to acquire compliant commercial drones. This program builds on the 2020 Blue UAS initiative and NDAA requirements prohibiting drones with foreign components from security-risk countries, significantly impacting contractors in the commercial drone market seeking DOD contracts.
Cabrillo Club·February 20, 2026
Compliance & Risk
How commercial drones make the Pentagon’s ‘Blue UAS Select’ list
The Defense Department has operationalized its Drone Dominance Program with the launch of the Blue List UAS website, cataloging 54 approved commercial drone models (29 with 'select' operational status) that meet NDAA Section 848 supply chain security requirements. The Defense Contract Management Agency now provides a streamlined procurement pathway for military units to acquire compliant drones without lengthy waiver processes, building on 2020's Blue UAS initiative and eliminating drones with components from security-risk countries. This policy shift creates immediate market access for approved vendors while closing the door on non-compliant competitors, fundamentally restructuring the $2B+ DOD commercial drone acquisition landscape.
Cabrillo Club·February 20, 2026
Compliance & Risk
How to make Tech Force work
The Office of Personnel Management announced the U.S. Tech Force program, which will place 1,000 technology fellows annually into federal agencies starting September for one- or two-year terms, supervised by private sector managers. This represents a significant government hiring initiative that could create new opportunities for technology contractors and consulting firms to support federal digital transformation efforts. The program's success will depend on implementation decisions being made currently, and could impact how agencies approach technology modernization and talent acquisition going forward.
Cabrillo Club·February 20, 2026
Compliance & Risk
How to make Tech Force work
The Office of Personnel Management announced the U.S. Tech Force program, which will place 1,000 technology fellows annually into federal agencies starting September for one- or two-year terms, supervised by private sector managers. This represents a significant government hiring initiative that could create new opportunities for technology contractors and consulting firms to support federal digital transformation efforts. The program's success will depend on implementation decisions being made currently, and could impact how agencies approach technology modernization and talent acquisition going forward.
Cabrillo Club·February 20, 2026
Compliance & Risk
How to make Tech Force work
OPM has launched the U.S. Tech Force program to place 1,000 technology fellows annually into federal agencies starting September 2025 for one- or two-year terms, supervised by private sector managers. This initiative creates immediate opportunities for technology contractors to support federal digital transformation, particularly in workforce augmentation, technical program management, and modernization consulting. Contractors with active positions on OASIS+, CIO-SP4, and GSA Schedule 70 should prepare capture strategies now, as agencies will require implementation support, integration services, and technical oversight frameworks to operationalize this program successfully.
Cabrillo Club·February 20, 2026
Compliance & Risk
Federal CIO Greg Barbaccia tapped for two leadership roles at GSA
Federal CIO Greg Barbaccia has been appointed as acting director of GSA's Technology Transformation Services (TTS) and senior advisor to the GSA administrator, replacing Thomas Shedd who moves to a fraud prevention role. TTS oversees critical government digital services including Login.gov and SAM.gov that contractors use for registration and authentication. This leadership change at GSA, following multiple DOGE-related departures, may signal shifts in how the agency approaches technology modernization and digital service delivery that could affect contractor engagement with these platforms.
Cabrillo Club·February 19, 2026
Compliance & Risk
Federal CIO Greg Barbaccia tapped for two leadership roles at GSA
Federal CIO Greg Barbaccia has been appointed as acting director of GSA's Technology Transformation Services (TTS) and senior advisor to the GSA administrator, replacing Thomas Shedd who moves to a fraud prevention role. TTS oversees critical government digital services including Login.gov and SAM.gov that contractors use for registration and authentication. This leadership change at GSA, following multiple DOGE-related departures, may signal shifts in how the agency approaches technology modernization and digital service delivery that could affect contractor engagement with these platforms.
Cabrillo Club·February 19, 2026
Compliance & Risk
Federal CIO Greg Barbaccia tapped for two leadership roles at GSA
Federal CIO Greg Barbaccia has been appointed as acting director of GSA's Technology Transformation Services (TTS) while maintaining his White House OMB role, replacing Thomas Shedd who transitions to fraud prevention. This dual-hat leadership consolidates federal IT policy and GSA's digital service delivery under one executive, potentially accelerating technology modernization initiatives and altering contractor engagement models for critical platforms like Login.gov, SAM.gov, and cloud.gov. Contractors in IT services, digital transformation, and identity management should monitor for policy shifts in FedRAMP authorization timelines, digital service standards, and GSA Schedule modernization efforts.
Cabrillo Club·February 19, 2026
Compliance & Risk
SpaceX and Blue Origin abruptly shift priorities amid US Golden Dome push
A December 2025 White House executive order mandates a missile shield prototype by 2028 as part of the Golden Dome initiative, with lunar return timelines set for 2028 and permanent moon presence elements by 2030. This directive is driving major commercial space companies SpaceX and Blue Origin to rapidly shift priorities toward lunar development, with Defense officials emphasizing commercial partnerships as essential to achieving these goals. The policy shift represents significant new contracting opportunities in space defense and lunar infrastructure for aerospace contractors.
Cabrillo Club·February 19, 2026
Compliance & Risk
SpaceX and Blue Origin abruptly shift priorities amid US Golden Dome push
A December 2025 White House executive order mandates a missile shield prototype by 2028 as part of the Golden Dome initiative, with lunar return timelines set for 2028 and permanent moon presence elements by 2030. This directive is driving major commercial space companies SpaceX and Blue Origin to rapidly shift priorities toward lunar development, with Defense officials emphasizing commercial partnerships as essential to achieving these goals. The policy shift represents significant new contracting opportunities in space defense and lunar infrastructure for aerospace contractors.
Cabrillo Club·February 19, 2026
Compliance & Risk
SpaceX and Blue Origin abruptly shift priorities amid US Golden Dome push
A December 2025 White House executive order mandates a missile shield prototype by 2028 under the Golden Dome initiative, with lunar return by 2028 and permanent moon presence elements by 2030. This directive is forcing SpaceX, Blue Origin, and the broader aerospace industrial base to rapidly pivot toward lunar development and space defense systems, creating immediate contracting opportunities across DOD, Space Force, NASA, and the Missile Defense Agency. Contractors in aerospace manufacturing, launch services, missile defense, and systems engineering must immediately assess their ITAR/CMMC posture and position for upcoming solicitations across NASA SEWP, Space Enterprise Consortium, and R2C2 vehicles. This represents the most significant space policy shift since the establishment of Space Force, with billions in contract value at stake through 2030.
Cabrillo Club·February 19, 2026
Compliance & Risk
Airbus open to two-fighter option for FCAS to keep program alive
The Future Combat Air System (FCAS) program between France, Germany, and Spain faces potential restructuring, with Airbus proposing a 'two-fighter solution' to break the development deadlock. The sixth-generation fighter program has stalled due to disputes over work share, leadership, and technology transfer, with Germany's Chancellor indicating his country may not need the same aircraft as France. This represents a significant shift in European defense cooperation that could impact U.S. defense contractors working with European partners and affect transatlantic defense industrial relationships.
Cabrillo Club·February 19, 2026
Compliance & Risk
Airbus open to two-fighter option for FCAS to keep program alive
The Future Combat Air System (FCAS) program between France, Germany, and Spain faces potential restructuring, with Airbus proposing a 'two-fighter solution' to break the development deadlock. The sixth-generation fighter program has stalled due to disputes over work share, leadership, and technology transfer, with Germany's Chancellor indicating his country may not need the same aircraft as France. This represents a significant shift in European defense cooperation that could impact U.S. defense contractors working with European partners and affect transatlantic defense industrial relationships.
Cabrillo Club·February 19, 2026
Compliance & Risk
Airbus open to two-fighter option for FCAS to keep program alive
Airbus has publicly endorsed a 'two-fighter solution' for the stalled Future Combat Air System (FCAS), Europe's sixth-generation fighter program jointly developed by France, Germany, and Spain. The proposal would split the program into two separate aircraft designs to resolve disputes over work share, technology transfer, and program leadership that have paralyzed development. This fracture in Europe's flagship defense collaboration signals potential realignment of transatlantic defense partnerships, creates new market entry points for U.S. contractors with complementary technologies, and may accelerate Foreign Military Sales opportunities as European nations reassess their air superiority roadmaps.
Cabrillo Club·February 19, 2026
Compliance & Risk
BAE says its Eurofighter pipeline is filled until first GCAP assembly
BAE Systems announced that Eurofighter Typhoon production is secured through the mid-2030s with recent orders from Spain, Italy, Germany, and new customer Turkey, filling the pipeline until GCAP sixth-generation fighter assembly begins. The consortium plans to increase production from 14 to 20 aircraft annually by mid-2028, with potential to reach 30 per year. This represents significant international defense contracting activity with implications for U.S. defense industrial base competition and allied interoperability, particularly as the UK-Italy-Japan GCAP program targets 2035 entry into service.
Cabrillo Club·February 19, 2026
Compliance & Risk
BAE says its Eurofighter pipeline is filled until first GCAP assembly
BAE Systems announced that Eurofighter Typhoon production is secured through the mid-2030s with recent orders from Spain, Italy, Germany, and new customer Turkey, filling the pipeline until GCAP sixth-generation fighter assembly begins. The consortium plans to increase production from 14 to 20 aircraft annually by mid-2028, with potential to reach 30 per year. This represents significant international defense contracting activity with implications for U.S. defense industrial base competition and allied interoperability, particularly as the UK-Italy-Japan GCAP program targets 2035 entry into service.
Cabrillo Club·February 19, 2026
Compliance & Risk
BAE says its Eurofighter pipeline is filled until first GCAP assembly
BAE Systems has secured Eurofighter Typhoon production through the mid-2030s with orders from Spain, Italy, Germany, and Turkey, planning to scale from 14 to 20 aircraft annually by mid-2028 with potential for 30/year. This production bridge extends until the UK-Italy-Japan GCAP sixth-generation fighter begins assembly targeting 2035 entry into service. U.S. defense contractors face intensified competition in international fighter markets and allied interoperability requirements, particularly as European defense industrial capacity expands and ITAR/EAR compliance surfaces become critical for firms pursuing Foreign Military Sales and Direct Commercial Sales opportunities in advanced air systems.
Cabrillo Club·February 19, 2026
Compliance & Risk
HHS’s reported AI uses soar, including pilots to address staff ‘shortage’
HHS reported a 65% increase in AI use cases in 2025, including pilots specifically designed to address staffing shortages following significant workforce reductions. The agency is deploying AI tools like ChatGPT and Copilot for legal investigations and public correspondence, indicating a strategic shift toward automation amid reduced personnel. This trend suggests potential changes in how HHS contracts for services and may create opportunities for AI-enabled solutions while reducing traditional staffing-based contracts.
Cabrillo Club·February 19, 2026
Compliance & Risk
HHS’s reported AI uses soar, including pilots to address staff ‘shortage’
HHS reported a 65% increase in AI use cases in 2025, including pilots specifically designed to address staffing shortages following significant workforce reductions. The agency is deploying AI tools like ChatGPT and Copilot for legal investigations and public correspondence, indicating a strategic shift toward automation amid reduced personnel. This trend suggests potential changes in how HHS contracts for services and may create opportunities for AI-enabled solutions while reducing traditional staffing-based contracts.
Cabrillo Club·February 19, 2026
Compliance & Risk
HHS’s reported AI uses soar, including pilots to address staff ‘shortage’
HHS reported a 65% increase in AI use cases in 2025, deploying tools like ChatGPT and Copilot to address critical staffing shortages following significant workforce reductions. This strategic pivot toward automation fundamentally alters HHS's procurement posture—traditional labor-hour contracts face compression while AI-enabled service delivery models gain traction. Contractors in IT services, BPO, administrative support, and legal services must immediately reassess pipeline positioning and technical capabilities, as HHS's $2M AI caregiving initiative signals broader adoption across all operating divisions including FDA, CDC, CMS, and NIH.
Cabrillo Club·February 19, 2026
Compliance & Risk
Interior Department finding momentum with modernization
The Department of Interior is modernizing its contracting and procurement processes by implementing robotic process automation (RPA) tools and exploring emerging technologies like generative AI and blockchain. The agency is also working to centralize IT infrastructure and improve compliance following an IG audit that found $40 million in misclassified IT purchases during FY2022-2024. These modernization efforts and process changes may impact how contractors engage with DOI procurement systems and requirements.
Cabrillo Club·February 18, 2026
Compliance & Risk
Interior Department finding momentum with modernization
The Department of Interior is modernizing its contracting and procurement processes by implementing robotic process automation (RPA) tools and exploring emerging technologies like generative AI and blockchain. The agency is also working to centralize IT infrastructure and improve compliance following an IG audit that found $40 million in misclassified IT purchases during FY2022-2024. These modernization efforts and process changes may impact how contractors engage with DOI procurement systems and requirements.
Cabrillo Club·February 18, 2026
Compliance & Risk
Interior Department finding momentum with modernization
The Department of Interior is executing a comprehensive modernization of its contracting and procurement infrastructure, deploying robotic process automation (RPA) and evaluating generative AI and blockchain technologies for acquisition workflows. Following an IG audit that identified $40 million in misclassified IT purchases across FY2022-2024, DOI is centralizing IT infrastructure and tightening FITARA compliance controls. Contractors serving DOI—particularly those in IT modernization, cloud services, and emerging tech—should anticipate stricter procurement classification reviews, updated technical requirements in upcoming solicitations, and potential consolidation of contract vehicles as the agency standardizes its technology stack.
Cabrillo Club·February 18, 2026
Compliance & Risk
FAA, DOD data silos were partly to blame for last year’s DCA crash
The NTSB's final report on the DCA midair collision reveals systemic data-sharing and safety management failures across FAA and DOD, with specific recommendations for improved data analysis and inter-agency information sharing. The findings highlight deficiencies in Army helicopter flight safety data monitoring and FAA's risk assessment processes, which may drive new data management and safety compliance requirements for defense contractors. Contractors supporting aviation operations, particularly those working with FAA and DOD on safety systems and data analytics, should anticipate enhanced oversight and potential new requirements for safety data collection and sharing protocols.
Cabrillo Club·February 18, 2026
Compliance & Risk
FAA, DOD data silos were partly to blame for last year’s DCA crash
The NTSB's final report on the DCA midair collision reveals systemic data-sharing and safety management failures across FAA and DOD, with specific recommendations for improved data analysis and inter-agency information sharing. The findings highlight deficiencies in Army helicopter flight safety data monitoring and FAA's risk assessment processes, which may drive new data management and safety compliance requirements for defense contractors. Contractors supporting aviation operations, particularly those working with FAA and DOD on safety systems and data analytics, should anticipate enhanced oversight and potential new requirements for safety data collection and sharing protocols.
Cabrillo Club·February 18, 2026
Compliance & Risk
FAA, DOD data silos were partly to blame for last year’s DCA crash
The NTSB's final report on the DCA midair collision identifies systemic failures in data sharing and safety management between FAA and DOD, with specific emphasis on incompatible safety reporting systems and inadequate risk assessment processes. The FAA's Aviation Safety Information Analysis and Sharing (ASIAS) program had zero integration with Army Safety Management systems, creating dangerous blind spots. Contractors supporting aviation safety systems, data analytics, and inter-agency information sharing should anticipate new compliance requirements for safety data collection, enhanced oversight protocols, and mandated cross-agency data integration standards—particularly those holding OASIS+, ASTRO, and GSA Schedule 70 vehicles supporting FAA and DOD aviation programs.
Cabrillo Club·February 18, 2026
Compliance & Risk
Australia prepares for next batch of ‘Ghost Bat’ warplane buddy drones
Australia's Royal Australian Air Force has ordered seven additional MQ-28A Ghost Bat collaborative combat aircraft from Boeing Defence Australia in a third tranche worth AUS$754 million (US$534 million). This brings the total fleet to 18 aircraft across three blocks, with plans for 10 operational units by 2028 as part of Australia's long-range deterrence strategy. The program demonstrates international defense collaboration and potential export opportunities for U.S. defense contractors working with allied nations on unmanned combat systems.
Cabrillo Club·February 17, 2026
Compliance & Risk
Australia prepares for next batch of ‘Ghost Bat’ warplane buddy drones
Australia's Royal Australian Air Force has ordered seven additional MQ-28A Ghost Bat collaborative combat aircraft from Boeing Defence Australia in a third tranche worth AUS$754 million (US$534 million). This brings the total fleet to 18 aircraft across three blocks, with plans for 10 operational units by 2028 as part of Australia's long-range deterrence strategy. The program demonstrates international defense collaboration and potential export opportunities for U.S. defense contractors working with allied nations on unmanned combat systems.
Cabrillo Club·February 17, 2026
Compliance & Risk
Australia prepares for next batch of ‘Ghost Bat’ warplane buddy drones
Australia's Royal Australian Air Force has contracted Boeing Defence Australia for seven additional MQ-28A Ghost Bat collaborative combat aircraft in a AUS$754 million (US$534 million) third tranche, bringing the total fleet to 18 units with 10 operational aircraft planned by 2028. This expansion signals accelerating international demand for unmanned collaborative combat systems and validates the CCA concept as a cornerstone of allied long-range deterrence strategies. U.S. defense contractors with capabilities in autonomous systems, AI-enabled mission planning, sensor fusion, and secure datalink technologies should immediately assess positioning for Foreign Military Sales (FMS) and Direct Commercial Sales (DCS) opportunities as allied nations replicate Australia's CCA integration model.
Cabrillo Club·February 17, 2026
Compliance & Risk
Federal Register: Federal Acquisition Regulation: Prohibition on Certain Semiconductor Products and Services
OFPP, DoD, GSA, and NASA (collectively referred to as the Federal Acquisition Regulatory Council, or FAR Council) are proposing to amend the Federal Acquisition Regulation (FAR) to partially implement a section of the James M. Inhofe National Defense Authorization Act for Fiscal Year 2023 which prohibits executive agencies from procuring or obtaining certain products and services that include covered semiconductor products or services effective December 23, 2027.
Cabrillo Club·February 17, 2026
Compliance & Risk
Federal Register: Federal Acquisition Regulation: Prohibition on Certain Semiconductor Products and Services
OFPP, DoD, GSA, and NASA (collectively referred to as the Federal Acquisition Regulatory Council, or FAR Council) are proposing to amend the Federal Acquisition Regulation (FAR) to partially implement a section of the James M. Inhofe National Defense Authorization Act for Fiscal Year 2023 which prohibits executive agencies from procuring or obtaining certain products and services that include covered semiconductor products or services effective December 23, 2027.
Cabrillo Club·February 17, 2026
Compliance & Risk
Federal Register: Federal Acquisition Regulation: Prohibition on Certain Semiconductor Products and Services
The FAR Council is proposing amendments to prohibit federal agencies from procuring products or services containing covered semiconductor products or services, effective December 23, 2027. This implements Section 5949 of the FY2023 NDAA and will fundamentally reshape supply chain compliance requirements across the entire federal contracting base. Contractors must immediately audit their semiconductor supply chains, identify covered products, and prepare mitigation strategies before the 2027 deadline. This is not optional—non-compliance will result in contract ineligibility across all executive agencies.
Cabrillo Club·February 17, 2026
Compliance & Risk
Federal Register: Posting of Informational Video: Cybersecurity Maturity Model Certification (CMMC) Program
The Office of the Department of Defense Chief Information Officer (DoD CIO) has released an informational video to provide the public with an overview of the proposed rule for DoD's updated Cybersecurity Maturity Model Certification (CMMC) Program, which was published in the Federal Register on December 26, 2023 for public comment. The proposed rule establishes requirements for a comprehensive and scalable assessment mechanism to ensure defense contractors and subcontractors have, as part of the CMMC Program, implemented required existing security requirements for Federal Contract Information and Controlled Unclassified Information (CUI) and adds new CUI security requirements for certain priority programs. This document announces that a video file containing an overview briefing of the CMMC proposed rule, presented by leadership and staff from the Office of the DoD Deputy CIO for Cybersecurity, was posted on the internet on February 14, 2024.
Cabrillo Club·February 17, 2026
Compliance & Risk
Federal Register: Posting of Informational Video: Cybersecurity Maturity Model Certification (CMMC) Program
The Office of the Department of Defense Chief Information Officer (DoD CIO) has released an informational video to provide the public with an overview of the proposed rule for DoD's updated Cybersecurity Maturity Model Certification (CMMC) Program, which was published in the Federal Register on December 26, 2023 for public comment. The proposed rule establishes requirements for a comprehensive and scalable assessment mechanism to ensure defense contractors and subcontractors have, as part of the CMMC Program, implemented required existing security requirements for Federal Contract Information and Controlled Unclassified Information (CUI) and adds new CUI security requirements for certain priority programs. This document announces that a video file containing an overview briefing of the CMMC proposed rule, presented by leadership and staff from the Office of the DoD Deputy CIO for Cybersecurity, was posted on the internet on February 14, 2024.
Cabrillo Club·February 17, 2026
Compliance & Risk
Federal Register: Posting of Informational Video: Cybersecurity Maturity Model Certification (CMMC) Program
The DoD Chief Information Officer has published an official informational video briefing on the CMMC 2.0 proposed rule, originally released for public comment on December 26, 2023. This video, presented by the Office of the Deputy CIO for Cybersecurity, provides authoritative guidance on the comprehensive assessment framework that will govern how defense contractors and subcontractors must implement security controls for Federal Contract Information (FCI) and Controlled Unclassified Information (CUI). The proposed rule introduces a scalable, three-tiered certification model with new CUI security requirements for priority programs—signaling that CMMC enforcement is transitioning from 'proposed' to 'imminent operational reality.'
Cabrillo Club·February 17, 2026
Compliance & Risk
Federal Register: Cybersecurity Maturity Model Certification (CMMC) Program
With this final rule, DoD establishes the Cybersecurity Maturity Model Certification (CMMC) Program in order to verify contractors have implemented required security measures necessary to safeguard Federal Contract Information (FCI) and Controlled Unclassified Information (CUI). The mechanisms discussed in this rule will allow the Department to confirm a defense contractor or subcontractor has implemented the security requirements for a specified CMMC level and is maintaining that status (meaning level and assessment type) across the contract period of performance. This rule will be updated as needed, using the appropriate rulemaking process, to address evolving cybersecurity standards, requirements, threats, and other relevant changes.
Cabrillo Club·February 17, 2026
Compliance & Risk
Federal Register: Cybersecurity Maturity Model Certification (CMMC) Program
With this final rule, DoD establishes the Cybersecurity Maturity Model Certification (CMMC) Program in order to verify contractors have implemented required security measures necessary to safeguard Federal Contract Information (FCI) and Controlled Unclassified Information (CUI). The mechanisms discussed in this rule will allow the Department to confirm a defense contractor or subcontractor has implemented the security requirements for a specified CMMC level and is maintaining that status (meaning level and assessment type) across the contract period of performance. This rule will be updated as needed, using the appropriate rulemaking process, to address evolving cybersecurity standards, requirements, threats, and other relevant changes.
Cabrillo Club·February 17, 2026
Compliance & Risk
Federal Register: Cybersecurity Maturity Model Certification (CMMC) Program
The Department of Defense has published the final rule establishing the Cybersecurity Maturity Model Certification (CMMC) Program in the Federal Register, making cybersecurity certification a mandatory contract requirement for defense contractors handling Federal Contract Information (FCI) and Controlled Unclassified Information (CUI). This rule operationalizes verification mechanisms that will require contractors to demonstrate—and maintain—specific CMMC levels throughout contract performance periods. Every defense contractor must immediately assess their current cybersecurity posture, determine required CMMC levels for existing and pipeline opportunities, and initiate certification pathways or risk disqualification from DoD solicitations.
Cabrillo Club·February 17, 2026
Compliance & Risk
Federal Register: National Industrial Security Program
This final rule removes the DoD's regulations on the National Industrial Security Program (NISP) regarding industrial security procedures and practices related to foreign ownership, control, or influence (FOCI) for U.S. Government activities. The interim final rule currently in effect is duplicative and obsolete. The Director of the National Archives and Records Administration's (NARA) Information Security Oversight Office (ISOO) is responsible for implementing and monitoring Executive Branch implementation of the NISP, and DoD's rule duplicates an amendment to the NARA rule on the same subject.
Cabrillo Club·February 17, 2026
Compliance & Risk
Federal Register: National Industrial Security Program
This final rule removes the DoD's regulations on the National Industrial Security Program (NISP) regarding industrial security procedures and practices related to foreign ownership, control, or influence (FOCI) for U.S. Government activities. The interim final rule currently in effect is duplicative and obsolete. The Director of the National Archives and Records Administration's (NARA) Information Security Oversight Office (ISOO) is responsible for implementing and monitoring Executive Branch implementation of the NISP, and DoD's rule duplicates an amendment to the NARA rule on the same subject.
Cabrillo Club·February 17, 2026
Compliance & Risk
Federal Register: National Industrial Security Program
The Department of Defense is removing its duplicative National Industrial Security Program (NISP) regulations governing Foreign Ownership, Control, or Influence (FOCI) procedures for cleared contractors. This final rule eliminates DoD's redundant oversight in favor of centralized administration by NARA's Information Security Oversight Office (ISOO), which already maintains authoritative NISP regulations. Cleared contractors operating under facility security clearances (FCLs) must now reference ISOO's 32 CFR Part 2004 as the sole regulatory authority for FOCI mitigation instruments, ownership reporting, and industrial security procedures. This consolidation does not change substantive FOCI requirements but eliminates regulatory duplication that has created compliance confusion.
Cabrillo Club·February 17, 2026
Compliance & Risk
Federal Register: National Industrial Security Program Operating Manual (NISPOM); Amendment
DoD is proposing amendments to the National Industrial Security Program Operating Manual (NISPOM) based on public comments received on a final rule published on December 21, 2020. The proposed amendments address implementation guidance and costs for the Security Executive Agent Directive (SEAD) 3, clarifications on procedures for the protection and reproduction of classified information, controlled unclassified information (CUI), National Interest Determination (NID) requirements for cleared contractors operating under a Special Security Agreement for Foreign Ownership, Control or Influence, and eligibility determinations for personnel security clearance processes and requirements.
Cabrillo Club·February 17, 2026
Compliance & Risk
Federal Register: National Industrial Security Program Operating Manual (NISPOM); Amendment
DoD is proposing amendments to the National Industrial Security Program Operating Manual (NISPOM) based on public comments received on a final rule published on December 21, 2020. The proposed amendments address implementation guidance and costs for the Security Executive Agent Directive (SEAD) 3, clarifications on procedures for the protection and reproduction of classified information, controlled unclassified information (CUI), National Interest Determination (NID) requirements for cleared contractors operating under a Special Security Agreement for Foreign Ownership, Control or Influence, and eligibility determinations for personnel security clearance processes and requirements.
Cabrillo Club·February 17, 2026
Compliance & Risk
Federal Register: National Industrial Security Program Operating Manual (NISPOM); Amendment
DoD has published proposed amendments to the National Industrial Security Program Operating Manual (NISPOM) addressing critical implementation gaps from the December 2020 final rule. These changes directly impact cleared contractors' handling of classified information, CUI protocols, Foreign Ownership Control or Influence (FOCI) mitigation under Special Security Agreements, and personnel security clearance eligibility determinations. Contractors holding Facility Clearances (FCLs) must prepare for revised compliance requirements across information security, FOCI mitigation, and personnel vetting processes. This is a HIGH severity event requiring immediate review by FSOs, Compliance Officers, and Capture leadership.
Cabrillo Club·February 17, 2026
Compliance & Risk
US Air Force needs 500 next-gen fighters, bombers to beat China, think tank says
Living intelligence hub tracking policy change — updated as events unfold.
Cabrillo Club·February 16, 2026
Compliance & Risk
US Air Force needs 500 next-gen fighters, bombers to beat China, think tank says
The Mitchell Institute for Aerospace Studies recommends the U.S. Air Force procure at least 500 next-generation aircraft (300 F-47 fighters and 200 B-21 bombers) to counter China, significantly exceeding current plans of 185 F-47s and 100 B-21s. This policy recommendation could drive major procurement increases for Boeing's F-47 program and Northrop Grumman's B-21 Raider program. While currently a think tank recommendation rather than official policy, such influential defense policy papers often shape congressional budget decisions and DoD acquisition strategies.
Cabrillo Club·February 16, 2026
Compliance & Risk
US Air Force needs 500 next-gen fighters, bombers to beat China, think tank says
The Mitchell Institute for Aerospace Studies recommends the U.S. Air Force procure at least 500 next-generation aircraft (300 F-47 fighters and 200 B-21 bombers) to counter China, significantly exceeding current plans of 185 F-47s and 100 B-21s. This policy recommendation could drive major procurement increases for Boeing's F-47 program and Northrop Grumman's B-21 Raider program. While currently a think tank recommendation rather than official policy, such influential defense policy papers often shape congressional budget decisions and DoD acquisition strategies.
Cabrillo Club·February 16, 2026
Compliance & Risk
US Air Force needs 500 next-gen fighters, bombers to beat China, think tank says
The Mitchell Institute for Aerospace Studies has issued a policy recommendation calling for the U.S. Air Force to procure 500 next-generation aircraft—300 F-47 fighters and 200 B-21 bombers—to counter China's military expansion, nearly tripling current acquisition plans. While this remains a think tank recommendation rather than official DoD policy, such influential defense policy papers historically shape congressional appropriations and acquisition strategy, signaling potential multi-billion-dollar procurement expansions for prime contractors and their supply chains. Contractors in aerospace manufacturing, advanced systems integration, and defense R&D should immediately assess their positioning for F-47 and B-21 program participation, as this recommendation could accelerate FY2026-2030 budget requests and trigger new subcontract opportunities across NAICS 336411, 336412, 336413, 334511, 541330, and 541712.
Cabrillo Club·February 16, 2026
Compliance & Risk
Dismantle DEI Act of 2025
Living intelligence hub tracking legislation — updated as events unfold.
Cabrillo Club·February 16, 2026
Compliance & Risk
Dismantle DEI Act of 2025
Referred to the Committee on Oversight and Government Reform, and in addition to the Committees on the Judiciary, Education and Workforce, Armed Services, Foreign Affairs, Financial Services, Energy and Commerce, Transportation and Infrastructure, and Intelligence (Permanent Select), for a period to be subsequently determined by the Speaker, in each case for consideration of such provisions as fall within the jurisdiction of the committee concerned.
Cabrillo Club·February 16, 2026
Compliance & Risk
Dismantle DEI Act of 2025
Referred to the Committee on Oversight and Government Reform, and in addition to the Committees on the Judiciary, Education and Workforce, Armed Services, Foreign Affairs, Financial Services, Energy and Commerce, Transportation and Infrastructure, and Intelligence (Permanent Select), for a period to be subsequently determined by the Speaker, in each case for consideration of such provisions as fall within the jurisdiction of the committee concerned.
Cabrillo Club·February 16, 2026
Compliance & Risk
Dismantle DEI Act of 2025
The Dismantle DEI Act of 2025 has been introduced and referred to eight House committees with jurisdiction over federal agencies, defense, education, workforce, and intelligence operations. This legislation poses a HIGH severity threat to contractors delivering diversity, equity, and inclusion programs, training services, HR consulting, and workforce development across DOD, DHS, GSA, DOJ, DOE, DOT, ED, STATE, TREASURY, HHS, DOL, and ODNI. Contractors holding IDIQ positions on OASIS+, ASTRO, Alliant 3, STARS III, 8(a) STARS III, VETS 2, HCaTS, and PSS should immediately audit active task orders, pipeline opportunities, and compliance obligations tied to Executive Order 11246, FAR Part 22, and OFCCP regulations.
Cabrillo Club·February 16, 2026
Compliance & Risk
Why Greenland’s takeover by the US is not needed for Golden Dome
Living intelligence hub tracking executive order — updated as events unfold.
Cabrillo Club·February 16, 2026
Compliance & Risk
Why Greenland’s takeover by the US is not needed for Golden Dome
The Trump administration issued an executive order in January 2025 establishing the 'Golden Dome' missile defense system, though specific program details and budgetary information remain insufficient for Congressional oversight according to House and Senate appropriators. The initiative is linked to the administration's National Defense Strategy which emphasizes guaranteed military access to Greenland, though the article argues acquisition of Greenland is not necessary for the missile defense objectives. Defense contractors should monitor for forthcoming program requirements and funding allocations as Golden Dome details emerge, as this represents a significant new defense initiative with unclear budgetary scope.
Cabrillo Club·February 16, 2026
Compliance & Risk
Why Greenland’s takeover by the US is not needed for Golden Dome
The Trump administration issued an executive order in January 2025 establishing the 'Golden Dome' missile defense system, though specific program details and budgetary information remain insufficient for Congressional oversight according to House and Senate appropriators. The initiative is linked to the administration's National Defense Strategy which emphasizes guaranteed military access to Greenland, though the article argues acquisition of Greenland is not necessary for the missile defense objectives. Defense contractors should monitor for forthcoming program requirements and funding allocations as Golden Dome details emerge, as this represents a significant new defense initiative with unclear budgetary scope.
Cabrillo Club·February 16, 2026
Compliance & Risk
Why Greenland’s takeover by the US is not needed for Golden Dome
The Trump administration issued an executive order in January 2025 establishing the 'Golden Dome' missile defense system, a HIGH-severity development for defense contractors. Congressional appropriators report insufficient program details and budgetary information for oversight, creating uncertainty around funding allocations and requirements. While linked to National Defense Strategy objectives requiring military access to Greenland, the initiative represents a significant new defense program with undefined scope—contractors in missile defense, aerospace, radar systems, and C2 must immediately position for forthcoming solicitations as program requirements crystallize.
Cabrillo Club·February 16, 2026
Compliance & Risk
Coast Guard awards Davie Defense contract for 5 icebreakers
Living intelligence hub tracking contract vehicle — updated as events unfold.
Cabrillo Club·February 16, 2026
Compliance & Risk
Coast Guard awards Davie Defense contract for 5 icebreakers
The U.S. Coast Guard has awarded Davie Defense a contract for 5 icebreakers, representing a major procurement action to revitalize Coast Guard icebreaking capabilities. This contract award signals significant opportunities in the maritime defense sector and reflects DHS priorities for Arctic and polar operations. The multi-vessel contract represents substantial federal investment in shipbuilding and could impact the competitive landscape for maritime defense contractors.
Cabrillo Club·February 16, 2026
Compliance & Risk
Coast Guard awards Davie Defense contract for 5 icebreakers
The U.S. Coast Guard has awarded Davie Defense a contract for 5 icebreakers, representing a major procurement action to revitalize Coast Guard icebreaking capabilities. This contract award signals significant opportunities in the maritime defense sector and reflects DHS priorities for Arctic and polar operations. The multi-vessel contract represents substantial federal investment in shipbuilding and could impact the competitive landscape for maritime defense contractors.
Cabrillo Club·February 16, 2026
Compliance & Risk
Coast Guard awards Davie Defense contract for 5 icebreakers
The U.S. Coast Guard has awarded Davie Defense a contract for 5 icebreakers, marking a HIGH-severity procurement event that signals major federal investment in Arctic and polar maritime capabilities under DHS. This multi-vessel award establishes a new competitive baseline in the maritime defense sector and creates immediate follow-on opportunities across shipbuilding, engineering services, and sustainment operations. Contractors in NAICS 336611/336612 (shipbuilding), 541330 (engineering), and related maritime defense sectors must immediately assess their positioning for subcontracting, teaming, and future icebreaker modernization solicitations. This contract represents a strategic shift in Coast Guard procurement priorities and will generate cascading opportunities across the maritime defense industrial base.
Cabrillo Club·February 16, 2026
Compliance & Risk
DOJ ramps up AI for legal work, crime predictions, surveillance, inventory shows
Living intelligence hub tracking policy change — updated as events unfold.
Cabrillo Club·February 16, 2026
Compliance & Risk
DOJ ramps up AI for legal work, crime predictions, surveillance, inventory shows
The Department of Justice has dramatically expanded its AI usage from 4 use cases in 2023 to 315 in 2025, with 114 classified as 'high-impact' affecting rights and safety decisions. This represents a significant shift in how DOJ operates across litigation, criminal investigations, and federal prisons, potentially creating new compliance requirements and contracting opportunities for AI vendors. Contractors supporting DOJ operations should anticipate increased demand for AI solutions while navigating heightened scrutiny around bias, privacy, and civil liberties concerns.
Cabrillo Club·February 16, 2026
Compliance & Risk
DOJ ramps up AI for legal work, crime predictions, surveillance, inventory shows
The Department of Justice has dramatically expanded its AI usage from 4 use cases in 2023 to 315 in 2025, with 114 classified as 'high-impact' affecting rights and safety decisions. This represents a significant shift in how DOJ operates across litigation, criminal investigations, and federal prisons, potentially creating new compliance requirements and contracting opportunities for AI vendors. Contractors supporting DOJ operations should anticipate increased demand for AI solutions while navigating heightened scrutiny around bias, privacy, and civil liberties concerns.
Cabrillo Club·February 16, 2026
Compliance & Risk
DOJ ramps up AI for legal work, crime predictions, surveillance, inventory shows
The Department of Justice has exploded its AI deployment from 4 use cases in 2023 to 315 in 2025, with 114 classified as high-impact systems affecting rights, safety, and criminal justice decisions. This policy shift creates immediate contracting opportunities across litigation support, predictive analytics, surveillance, and biometric systems while introducing stringent compliance requirements around bias mitigation, privacy protection, and civil liberties safeguards. Contractors supporting DOJ, FBI, DEA, ATF, BOP, USMS, and EOUSA must prepare for accelerated AI procurement cycles, enhanced technical evaluation criteria, and mandatory adherence to NIST AI Risk Management Framework and OMB AI guidance.
Cabrillo Club·February 16, 2026
Compliance & Risk
CBP to strengthen ‘tactical targeting,’ ‘counter-network analysis’ with Clearview AI
Living intelligence hub tracking contract vehicle — updated as events unfold.
Cabrillo Club·February 16, 2026
Compliance & Risk
CBP to strengthen ‘tactical targeting,’ ‘counter-network analysis’ with Clearview AI
U.S. Customs and Border Protection has awarded a one-year base contract to Clearview AI for facial recognition and biometric capabilities, providing 15 software licenses to access a database of over 60 billion publicly available images. The contract, starting in September, will support CBP's National Targeting Center for tactical targeting and counter-network analysis operations. This represents part of a broader DHS trend of expanding AI and biometric technology adoption for law enforcement and border security operations, though it faces potential legislative restrictions.
Cabrillo Club·February 16, 2026
Compliance & Risk
CBP to strengthen ‘tactical targeting,’ ‘counter-network analysis’ with Clearview AI
U.S. Customs and Border Protection has awarded Clearview AI a one-year base contract for facial recognition capabilities, providing 15 software licenses accessing a 60+ billion image database to support tactical targeting and counter-network analysis at CBP's National Targeting Center. This contract signals DHS's accelerating adoption of AI-driven biometric technologies for border security and law enforcement operations, creating immediate opportunities for contractors in facial recognition, data analytics, and AI-powered investigative tools. Contractors with capabilities in biometric systems, AI/ML platforms, and counter-terrorism analytics should prepare for expanded procurement activity across DHS components, though legislative restrictions on facial recognition technology may constrain future awards.
Cabrillo Club·February 16, 2026
Compliance & Risk
Senior Enlisted Advisor to Chairman Testifies on Quality of Life
Living intelligence hub tracking legislation — updated as events unfold.
Cabrillo Club·February 16, 2026
Compliance & Risk
Senior Enlisted Advisor to Chairman Testifies on Quality of Life
Warfighters are the foundation of War Department lethality, said Senior Enlisted Advisor to the Chairman David L. Isom, who testified before the Senate Armed Services Committee's personnel subcommittee on service member and family quality of life.
Cabrillo Club·February 16, 2026
Compliance & Risk
Senior Enlisted Advisor to Chairman Testifies on Quality of Life
Warfighters are the foundation of War Department lethality, said Senior Enlisted Advisor to the Chairman David L. Isom, who testified before the Senate Armed Services Committee's personnel subcommittee on service member and family quality of life.
Cabrillo Club·February 16, 2026
Compliance & Risk
Senior Enlisted Advisor to Chairman Testifies on Quality of Life
Senior Enlisted Advisor to the Chairman David L. Isom testified before the Senate Armed Services Committee personnel subcommittee, emphasizing that warfighter quality of life is foundational to Department of Defense lethality. This testimony signals imminent appropriations focus on service member and family support infrastructure across housing, healthcare, childcare, food services, mental health, and education. Contractors in NAICS 624190, 621999, 722310, 531110, 611710, 624110, and 813930 should anticipate increased solicitation activity across DoD components within 60-90 days as committee recommendations translate to program office requirements.
Cabrillo Club·February 16, 2026
Compliance & Risk
Fleet cybersecurity funding to see ‘increased investment’ in FY27 budget request: Navy official
Living intelligence hub tracking budget action — updated as events unfold.
Cabrillo Club·February 16, 2026
Compliance & Risk
Fleet cybersecurity funding to see ‘increased investment’ in FY27 budget request: Navy official
The Navy plans to increase cybersecurity funding in its FY27 budget request, specifically targeting fleet cybersecurity capabilities. This investment will be integrated into the Navy's Golden Fleet concept, indicating a strategic shift toward embedding cybersecurity from the design phase. Government contractors supporting Navy cybersecurity, shipbuilding, and fleet modernization programs should anticipate increased opportunities in this area.
Cabrillo Club·February 16, 2026
Compliance & Risk
Fleet cybersecurity funding to see ‘increased investment’ in FY27 budget request: Navy official
The Navy plans to increase cybersecurity funding in its FY27 budget request, specifically targeting fleet cybersecurity capabilities. This investment will be integrated into the Navy's Golden Fleet concept, indicating a strategic shift toward embedding cybersecurity from the design phase. Government contractors supporting Navy cybersecurity, shipbuilding, and fleet modernization programs should anticipate increased opportunities in this area.
Cabrillo Club·February 16, 2026
Compliance & Risk
Fleet cybersecurity funding to see ‘increased investment’ in FY27 budget request: Navy official
The Navy is signaling increased cybersecurity funding in its FY27 budget request, with a strategic focus on fleet-level cybersecurity embedded within the Golden Fleet modernization concept. This represents a shift from bolt-on security to design-phase integration across shipbuilding and fleet systems. Contractors in cybersecurity, naval systems, and shipbuilding should prepare for expanded opportunities beginning in Q2 FY25 as the budget formulation process advances, with RFIs and market research activities likely by Q3 FY25.
Cabrillo Club·February 16, 2026
Compliance & Risk
HASC chair ‘optimistic’ FY27 budget request coming in March
Living intelligence hub tracking budget action — updated as events unfold.
Cabrillo Club·February 16, 2026
Compliance & Risk
HASC chair ‘optimistic’ FY27 budget request coming in March
The House Armed Services Committee chair expressed optimism that the FY27 defense budget request will be submitted in March 2026. This timeline is significant for government contractors as it will establish funding priorities and program allocations for fiscal year 2027, enabling contractors to anticipate upcoming opportunities and align their business development strategies. The discussion also includes Trump administration priorities on missile defense, which may signal increased funding in that sector.
Cabrillo Club·February 16, 2026
Compliance & Risk
HASC chair ‘optimistic’ FY27 budget request coming in March
The House Armed Services Committee chair expressed optimism that the FY27 defense budget request will be submitted in March 2026. This timeline is significant for government contractors as it will establish funding priorities and program allocations for fiscal year 2027, enabling contractors to anticipate upcoming opportunities and align their business development strategies. The discussion also includes Trump administration priorities on missile defense, which may signal increased funding in that sector.
Cabrillo Club·February 16, 2026
Compliance & Risk
HASC chair ‘optimistic’ FY27 budget request coming in March
The House Armed Services Committee chair has signaled optimism that the FY27 defense budget request will arrive in March 2026, establishing critical funding priorities and program allocations for the next fiscal cycle. This timeline provides contractors with a 4-5 month window to align business development strategies, refine capture plans, and position for emerging opportunities—particularly in missile defense, where Trump administration priorities suggest increased investment. Contractors in aerospace, weapons systems, defense electronics, and engineering services should immediately activate budget tracking protocols and prepare to pivot capture resources toward high-priority programs once the request is published.
Cabrillo Club·February 16, 2026
Compliance & Risk
Energy Department identifies 26 Genesis Mission challenges
Living intelligence hub tracking policy change — updated as events unfold.
Cabrillo Club·February 16, 2026
Compliance & Risk
Energy Department identifies 26 Genesis Mission challenges
The Department of Energy has identified 26 specific challenges under the Genesis Mission initiative, which originated from a November executive order focused on AI advancement. DOE is actively seeking researchers and innovators to address these challenges through its national labs, industry partners, and academia, with a Genesis Mission Consortium launched to coordinate public-private partnerships. This represents an expanding opportunity for government contractors in AI, research, and technology sectors to engage with DOE on federally-funded innovation projects.
Cabrillo Club·February 16, 2026
Compliance & Risk
Energy Department identifies 26 Genesis Mission challenges
The Department of Energy has identified 26 specific challenges under the Genesis Mission initiative, which originated from a November executive order focused on AI advancement. DOE is actively seeking researchers and innovators to address these challenges through its national labs, industry partners, and academia, with a Genesis Mission Consortium launched to coordinate public-private partnerships. This represents an expanding opportunity for government contractors in AI, research, and technology sectors to engage with DOE on federally-funded innovation projects.
Cabrillo Club·February 16, 2026
Compliance & Risk
Energy Department identifies 26 Genesis Mission challenges
The Department of Energy has published 26 specific technical challenges under the Genesis Mission initiative, stemming from a November executive order on AI advancement. DOE is mobilizing its national labs, industry partners, and academia through a newly launched Genesis Mission Consortium to solve these challenges via public-private partnerships. This creates immediate capture opportunities for contractors in AI, advanced computing, and research services across multiple contract vehicles including DOE OASIS, OASIS+, and CIO-SP4. Contractors with relevant NAICS codes (541715, 541712, 541511) and appropriate cybersecurity postures (NIST 800-171, CMMC) should begin positioning now for anticipated solicitations.
Cabrillo Club·February 16, 2026
Compliance & Risk
IRS official says agency improperly shared some taxpayer data with ICE
Living intelligence hub tracking policy change — updated as events unfold.
Cabrillo Club·February 16, 2026
Compliance & Risk
IRS official says agency improperly shared some taxpayer data with ICE
The IRS improperly shared taxpayer data with ICE that violated federal privacy law and exceeded the scope of their data-sharing MOU, affecting less than 5% of 47,289 records disclosed. This incident highlights compliance risks for contractors working with sensitive government data and reinforces the importance of strict adherence to data-sharing agreements and privacy regulations. The IRS has requested DHS remediate the matter and prevent further disclosure or use of the improperly shared information.
Cabrillo Club·February 16, 2026
Compliance & Risk
IRS official says agency improperly shared some taxpayer data with ICE
The IRS improperly shared taxpayer data with ICE that violated federal privacy law and exceeded the scope of their data-sharing MOU, affecting less than 5% of 47,289 records disclosed. This incident highlights compliance risks for contractors working with sensitive government data and reinforces the importance of strict adherence to data-sharing agreements and privacy regulations. The IRS has requested DHS remediate the matter and prevent further disclosure or use of the improperly shared information.
Cabrillo Club·February 16, 2026
Compliance & Risk
IRS official says agency improperly shared some taxpayer data with ICE
The IRS improperly disclosed taxpayer data to ICE in violation of federal privacy law and the agencies' data-sharing memorandum of understanding, affecting less than 5% of 47,289 records transferred. This incident exposes significant compliance risks for contractors handling Federal Tax Information (FTI) and other sensitive government data, particularly those operating under IRS Publication 1075 requirements. Contractors supporting IRS, DHS, ICE, or Treasury systems—especially those working with data-sharing platforms, compliance management, or law enforcement IT—must immediately review their data governance protocols and MOU compliance frameworks to avoid similar violations that could result in contract termination or debarment.
Cabrillo Club·February 16, 2026
Compliance & Risk
Fincantieri predicts strong growth despite ding to US warship business
Living intelligence hub tracking contract vehicle — updated as events unfold.
Cabrillo Club·February 16, 2026
Compliance & Risk
Fincantieri predicts strong growth despite ding to US warship business
The US Navy has cancelled the Constellation frigate program after two ships were half-built, directly impacting Fincantieri's US shipyard operations. This represents a significant contract termination affecting a major naval shipbuilding program. While Fincantieri is offsetting losses with international orders and European defense spending increases, US defense contractors and shipbuilders should note this major program cancellation and its implications for naval procurement strategy.
Cabrillo Club·February 16, 2026
Compliance & Risk
Fincantieri predicts strong growth despite ding to US warship business
The US Navy has cancelled the Constellation frigate program after two ships were half-built, directly impacting Fincantieri's US shipyard operations. This represents a significant contract termination affecting a major naval shipbuilding program. While Fincantieri is offsetting losses with international orders and European defense spending increases, US defense contractors and shipbuilders should note this major program cancellation and its implications for naval procurement strategy.
Cabrillo Club·February 16, 2026
Compliance & Risk
Fincantieri predicts strong growth despite ding to US warship business
The U.S. Navy has terminated the Constellation-class frigate program after two vessels reached 50% completion, directly impacting Fincantieri's Marinette Marine shipyard in Wisconsin and sending shockwaves through the naval shipbuilding industrial base. This HIGH-severity cancellation eliminates a multi-billion dollar contract vehicle and signals a potential strategic pivot in surface combatant procurement. Contractors in naval shipbuilding, maritime systems integration, and defense manufacturing must immediately assess exposure to Constellation-related subcontracts, monitor for replacement program solicitations, and prepare for competitive repositioning as the Navy reassesses its frigate requirements.
Cabrillo Club·February 16, 2026
Compliance & Risk
CBP ramps up surveillance tech without much-needed IT personnel, GAO says
Living intelligence hub tracking policy change — updated as events unfold.
Cabrillo Club·February 16, 2026
Compliance & Risk
CBP ramps up surveillance tech without much-needed IT personnel, GAO says
A GAO report reveals that CBP has significantly increased surveillance technology deployments along the northern border while facing critical IT personnel shortages, with staffing rates below target for five years. DHS has agreed to develop recruitment and retention strategies for Law Enforcement Information Systems Specialists to address the gap. This signals potential upcoming contracting opportunities for IT support services, managed services, and workforce augmentation to support CBP's expanding surveillance technology infrastructure.
Cabrillo Club·February 16, 2026
Compliance & Risk
CBP ramps up surveillance tech without much-needed IT personnel, GAO says
A GAO report reveals that CBP has significantly increased surveillance technology deployments along the northern border while facing critical IT personnel shortages, with staffing rates below target for five years. DHS has agreed to develop recruitment and retention strategies for Law Enforcement Information Systems Specialists to address the gap. This signals potential upcoming contracting opportunities for IT support services, managed services, and workforce augmentation to support CBP's expanding surveillance technology infrastructure.
Cabrillo Club·February 16, 2026
Compliance & Risk
CBP ramps up surveillance tech without much-needed IT personnel, GAO says
CBP has dramatically expanded surveillance technology deployments along the northern border while operating with critical IT personnel shortages—staffing rates have remained below target for five consecutive years. GAO's report confirms DHS will develop recruitment and retention strategies for Law Enforcement Information Systems Specialists, signaling imminent contracting opportunities for IT support services, managed services, and workforce augmentation. Contractors holding IT services contracts under OASIS+, GSA IT Schedule 70, Alliant 2, CIO-SP4, and DHS EAGLE II should prepare for task order competitions focused on surveillance technology support, systems integration, and network operations within the next 6-12 months.
Cabrillo Club·February 16, 2026
Compliance & Risk
Pentagon official blesses Europe’s push to spend defense money at home
Living intelligence hub tracking policy change — updated as events unfold.
Cabrillo Club·February 16, 2026
Compliance & Risk
Pentagon official blesses Europe’s push to spend defense money at home
The Pentagon has announced a significant policy shift regarding European defense procurement, with Under Secretary Elbridge Colby stating the U.S. will be 'pragmatic' about European allies buying defense equipment domestically rather than from American contractors. This represents a reversal of 30 years of U.S. policy that opposed European protectionist procurement practices, and could substantially impact U.S. defense contractors' access to European markets, which currently account for 35% of U.S. arms exports. The policy change aligns with the broader U.S. strategy to shift defense burden-sharing responsibilities to European NATO allies while the U.S. focuses on other strategic priorities.
Cabrillo Club·February 16, 2026
Compliance & Risk
Pentagon official blesses Europe’s push to spend defense money at home
The Pentagon has announced a significant policy shift regarding European defense procurement, with Under Secretary Elbridge Colby stating the U.S. will be 'pragmatic' about European allies buying defense equipment domestically rather than from American contractors. This represents a reversal of 30 years of U.S. policy that opposed European protectionist procurement practices, and could substantially impact U.S. defense contractors' access to European markets, which currently account for 35% of U.S. arms exports. The policy change aligns with the broader U.S. strategy to shift defense burden-sharing responsibilities to European NATO allies while the U.S. focuses on other strategic priorities.
Cabrillo Club·February 16, 2026
Compliance & Risk
Pentagon official blesses Europe’s push to spend defense money at home
The Pentagon has executed a major policy reversal, with Under Secretary Elbridge Colby endorsing European allies' domestic defense procurement—a direct departure from 30 years of U.S. opposition to protectionist European buying practices. This shift threatens U.S. defense contractors' access to European markets, which represent 35% of current U.S. arms exports, and signals a strategic pivot toward burden-sharing as the U.S. reallocates focus to other theaters. Contractors with European FMS/DCS pipelines, NATO cooperative programs, or transatlantic supply chains face immediate competitive pressure and must reassess their international capture strategies.
Cabrillo Club·February 16, 2026
Compliance & Risk
Senate takes up push to modernize environmental permitting process
Living intelligence hub tracking legislation — updated as events unfold.
Cabrillo Club·February 16, 2026
Compliance & Risk
Senate takes up push to modernize environmental permitting process
The bipartisan ePermit Act has been introduced in the Senate to modernize federal environmental permitting processes through standardized digital systems and project management tools. The companion bill has already passed the House. This legislation would impact government contractors involved in infrastructure, energy, and construction projects by potentially streamlining environmental review timelines and requiring digital, cloud-based documentation systems for permit applications.
Cabrillo Club·February 16, 2026
Compliance & Risk
Senate takes up push to modernize environmental permitting process
The bipartisan ePermit Act has been introduced in the Senate to modernize federal environmental permitting processes through standardized digital systems and project management tools. The companion bill has already passed the House. This legislation would impact government contractors involved in infrastructure, energy, and construction projects by potentially streamlining environmental review timelines and requiring digital, cloud-based documentation systems for permit applications.
Cabrillo Club·February 16, 2026
Compliance & Risk
Senate takes up push to modernize environmental permitting process
The bipartisan ePermit Act has advanced to the Senate after passing the House, mandating standardized digital permitting systems across federal environmental reviews. This legislation will compress review timelines and require cloud-based, FedRAMP-compliant documentation platforms for infrastructure, energy, and construction projects. Contractors serving DOT, DOE, DOI, EPA, USACE, and DOD must prepare for accelerated procurement cycles, updated compliance requirements, and increased demand for digital transformation services. Firms with existing positions on OASIS+, 8(a) STARS III, and CIO-SP4 should immediately assess their technical infrastructure and proposal libraries for environmental permitting modernization opportunities.
Cabrillo Club·February 16, 2026
Compliance & Risk
The Budget and Economic Outlook: 2026 to 2036
Living intelligence hub tracking budget action — updated as events unfold.
Cabrillo Club·February 16, 2026
Compliance & Risk
The Budget and Economic Outlook: 2026 to 2036
In CBO's projections, the federal budget deficit in fiscal year 2026 is $1.9 trillion, and federal debt rises to 120 percent of GDP in 2036. Economic growth strengthens in 2026 and moderates in later years.
Cabrillo Club·February 16, 2026
Compliance & Risk
The Budget and Economic Outlook: 2026 to 2036
In CBO's projections, the federal budget deficit in fiscal year 2026 is $1.9 trillion, and federal debt rises to 120 percent of GDP in 2036. Economic growth strengthens in 2026 and moderates in later years.
Cabrillo Club·February 16, 2026
Compliance & Risk
The Budget and Economic Outlook: 2026 to 2036
The Congressional Budget Office projects a $1.9 trillion federal deficit for FY2026, with national debt reaching 120% of GDP by 2036. This critical budget outlook signals imminent pressure on discretionary spending, heightened scrutiny on contract performance and cost controls, and accelerated adoption of shared services and efficiency mandates across all federal agencies. Contractors in management consulting, financial services, IT modernization, and program management must prepare for compressed procurement timelines, increased emphasis on cost-plus-to-firm-fixed-price conversions, and agency-wide efficiency reviews that will reshape contract portfolios starting Q2 FY2026.
Cabrillo Club·February 16, 2026
Compliance & Risk
2027 defense budget could double 2026 ship requests, US Navy secretary says
Living intelligence hub tracking budget action — updated as events unfold.
Cabrillo Club·February 16, 2026
Compliance & Risk
2027 defense budget could double 2026 ship requests, US Navy secretary says
The Navy Secretary announced that the proposed FY2027 defense budget could double shipbuilding procurement from 17 ships in FY2026 to at least 34 ships, with significant focus on auxiliary and support vessels. This represents a major expansion of naval shipbuilding opportunities under President Trump's proposed $1.5 trillion defense budget, including the new Golden Fleet initiative with Trump-class battleships. Government contractors in the maritime and shipbuilding sectors should prepare for substantially increased procurement opportunities, particularly for easier-to-build auxiliary vessels designed to rebuild the maritime industrial base.
Cabrillo Club·February 16, 2026
Compliance & Risk
2027 defense budget could double 2026 ship requests, US Navy secretary says
The Navy Secretary announced that the proposed FY2027 defense budget could double shipbuilding procurement from 17 ships in FY2026 to at least 34 ships, with significant focus on auxiliary and support vessels. This represents a major expansion of naval shipbuilding opportunities under President Trump's proposed $1.5 trillion defense budget, including the new Golden Fleet initiative with Trump-class battleships. Government contractors in the maritime and shipbuilding sectors should prepare for substantially increased procurement opportunities, particularly for easier-to-build auxiliary vessels designed to rebuild the maritime industrial base.
Cabrillo Club·February 16, 2026
Compliance & Risk
2027 defense budget could double 2026 ship requests, US Navy secretary says
The U.S. Navy Secretary announced plans to double shipbuilding procurement in the FY2027 defense budget, expanding from 17 ships in FY2026 to at least 34 ships, with heavy emphasis on auxiliary and support vessels. This expansion is part of President Trump's proposed $1.5 trillion defense budget and the new Golden Fleet initiative featuring Trump-class battleships. Government contractors in maritime, shipbuilding, naval architecture, and defense manufacturing sectors face a generational opportunity to capture contracts as the Navy prioritizes easier-to-build auxiliary vessels designed to rebuild America's maritime industrial base.
Cabrillo Club·February 16, 2026
Compliance & Risk
NASA work on several programs pending responses to White House executive order
NASA Administrator Jared Isaacman has indicated that work on several major programs, including lunar exploration and commercial space stations, is pending responses to a White House executive order. This suggests potential policy changes or programmatic shifts that could significantly impact contractors working on NASA's Artemis lunar program and commercial LEO destination initiatives. Contractors in these sectors should anticipate possible program adjustments, funding reallocations, or requirement changes in the coming weeks.
Cabrillo Club·February 16, 2026
Compliance & Risk
NASA work on several programs pending responses to White House executive order
NASA Administrator Jared Isaacman has paused work on multiple high-value programs—including Artemis lunar exploration and commercial LEO stations—pending White House executive order responses. This follows President Trump's December 18, 2025 'Ensuring American Space Superiority' EO, which mandates 180-day agency acquisition reforms and signals potential policy realignment toward commercial space competition. Contractors holding or pursuing NASA prime contracts in lunar systems, commercial space stations, and related R&D should expect program adjustments, funding reallocations, and revised technical requirements within the next 90-120 days.
Cabrillo Club·February 16, 2026
Compliance & Risk
Philippines still eying F-16s, but costs are causing political headaches
The Philippines' F-16 fighter jet acquisition program remains stalled due to fiscal constraints and political resistance in Manila, creating uncertainty for U.S. defense contractors pursuing Foreign Military Sales opportunities in the Indo-Pacific theater. This delay signals broader budget pressures affecting allied procurement across Southeast Asia and may trigger reallocation of FMS cases or alternative financing structures. Contractors with active or planned bids in aircraft manufacturing, maintenance, training, and logistics support must immediately reassess pipeline probability and prepare alternative engagement strategies for Philippine defense modernization programs.
Cabrillo Club·February 15, 2026
Compliance & Risk
Pentagon wants counter-drone sensors to protect US infrastructure — and fast
The Defense Innovation Unit has issued a high-priority Commercial Solutions Opening for counter-drone sensors to protect U.S. military installations, with demonstrations scheduled for spring 2026 at Yuma Proving Ground. Selected contractors will receive only 30 days or less between notification and demonstration, signaling an accelerated Other Transaction Authority procurement timeline. This represents an immediate capture opportunity for defense contractors with radar-based counter-UAS sensing capabilities targeting Group 1-3 drones at 2+ kilometer detection ranges, particularly those already holding ITAR compliance and CMMC certifications.
Cabrillo Club·February 15, 2026
Compliance & Risk
US Army to debut FPV Bumblebee V2 drone interceptor next month
The Pentagon awarded Perennial Autonomy a $5.2M contract on January 30, 2025, for the Bumblebee V2 FPV drone interceptor, with deliveries starting March 2025 for U.S. Army Global Response Force assessment. This rapid acquisition demonstrates accelerated procurement pathways for NDAA-compliant counter-UAS technology and signals the Army's prioritization of domestic, compliant drone defense systems. Contractors in the counter-drone, unmanned systems, and force protection sectors should immediately assess their NDAA compliance posture and monitor for follow-on solicitations under similar rapid acquisition authorities.
Cabrillo Club·February 15, 2026
Compliance & Risk
US Army to debut FPV Bumblebee V2 drone interceptor next month
The Pentagon awarded a $5.2 million contract to Perennial Autonomy on January 30 for the Bumblebee V2 drone interceptor system, with deliveries beginning in March 2025. The system will be assessed by the U.S. Army's Global Response Force and represents a rapid acquisition of NDAA-compliant counter-drone technology. This contract demonstrates accelerated procurement pathways for emerging counter-UAS capabilities and emphasizes compliance with NDAA restrictions on foreign components.
Cabrillo Club·February 15, 2026
Compliance & Risk
US Army to debut FPV Bumblebee V2 drone interceptor next month
Living intelligence hub tracking contract vehicle — updated as events unfold.
Cabrillo Club·February 15, 2026
Compliance & Risk
US Army to debut FPV Bumblebee V2 drone interceptor next month
The Pentagon awarded a $5.2 million contract to Perennial Autonomy on January 30 for the Bumblebee V2 drone interceptor system, with deliveries beginning in March 2025. The system will be assessed by the U.S. Army's Global Response Force and represents a rapid acquisition of NDAA-compliant counter-drone technology. This contract demonstrates accelerated procurement pathways for emerging counter-UAS capabilities and emphasizes compliance with NDAA restrictions on foreign components.
Cabrillo Club·February 15, 2026
Compliance & Risk
Pentagon wants counter-drone sensors to protect US infrastructure — and fast
Living intelligence hub tracking contract vehicle — updated as events unfold.
Cabrillo Club·February 15, 2026
Compliance & Risk
Pentagon wants counter-drone sensors to protect US infrastructure — and fast
The Defense Innovation Unit has issued an urgent solicitation for counter-drone sensors to protect U.S. military installations, with a demonstration scheduled for spring 2026 at Yuma Proving Ground, Arizona. Selected companies may have only 30 days or less between notification and demonstration execution, indicating an accelerated procurement timeline. This represents a significant opportunity for contractors with counter-UAS sensing capabilities, particularly radar-based systems capable of detecting Group 1-3 drones at 2+ kilometer ranges.
Cabrillo Club·February 15, 2026
Compliance & Risk
Philippines still eying F-16s, but costs are causing political headaches
Living intelligence hub tracking far update — updated as events unfold.
Cabrillo Club·February 15, 2026
Compliance & Risk
Philippines still eying F-16s, but costs are causing political headaches
A deal for new fighter jets is in limbo while officials in Manila seek ways to break the fiscal deadlock that has hounded the program.
Cabrillo Club·February 15, 2026
Technical Deep DivesCompliance & Risk
CUI Data Flow in CRM Systems: A Technical Analysis
A technical deep dive into how CUI enters, propagates, and persists in CRM systems. Includes data flow diagrams and control point analysis for defense contractors.
Cabrillo Club·February 6, 2026
Definitive GuidesCompliance & Risk
Can AI Write Proposals Under CMMC 2.0?
AI proposal tools promise faster win rates, but most fail CMMC compliance. Learn which AI architectures work for defense contractors and which create audit failures.
Cabrillo Club·February 6, 2026
Compliance & RiskSecurity
CUI Data Flow Diagram for CRM Systems
A visual reference showing how Controlled Unclassified Information enters, moves through, and exits CRM systems. Use this diagram to map your own CUI boundary and identify compliance gaps.
Cabrillo Club·February 6, 2026
Definitive GuidesCompliance & Risk
Quality Assurance for AI-Generated Proposal Content Under CMMC
AI can draft proposal sections in minutes, but unreviewed AI output creates compliance and quality risks. Here's a systematic QA process for AI-generated proposal content in CMMC environments.
Cabrillo Club·February 6, 2026
Compliance & RiskSecurity
DFARS 7012 CRM Requirements Explained
DFARS 252.204-7012 mandates how contractors handle covered defense information. Your CRM almost certainly processes CDI. Here's what the clause actually requires and how to comply.
Cabrillo Club·February 5, 2026
Definitive GuidesCompliance & Risk
Past Performance Database: Building Your Competitive Edge in GovCon
Past performance is often the deciding factor in source selection. Most contractors rely on scattered documents and tribal knowledge. Here's how to build a searchable, compliant past performance database.
Cabrillo Club·February 5, 2026
Compliance & RiskSecurity
CRM Data Retention Policies for CMMC: What to Keep, What to Purge
CMMC requires protecting CUI, but it also requires knowing when to dispose of it. Most GovCon CRMs accumulate CUI indefinitely. Here's how to build a compliant retention policy.
Cabrillo Club·February 5, 2026
Compliance & RiskDefinitive Guides
CMMC 2.0 Timeline: Key Dates and Milestones for Defense Contractors
CMMC 2.0 rulemaking is complete and phased implementation has begun. Here's every milestone defense contractors need to track, from self-assessment deadlines to C3PAO availability.
Cabrillo Club·February 5, 2026
Templates & ResourcesCompliance & Risk
CRM System Security Plan Template for CMMC: What to Document
A practical SSP documentation template for your CRM's CMMC assessment. Covers exactly what assessors need to see for CUI handling, access controls, and audit trails.
Cabrillo Club·February 5, 2026
ChecklistsCompliance & Risk
CUI CRM Compliance Decision Tree: Is Your CRM CMMC-Ready?
A visual decision tree to determine if your CRM handles CUI compliantly. Walk through 7 questions to identify your compliance gaps and required remediation steps.
Cabrillo Club·February 5, 2026
Technical Deep DivesCompliance & Risk
RAG Isolation for Proposal Automation: Why It Matters
RAG-powered proposal tools can accelerate wins—but multi-tenant RAG exposes your CUI. Learn why vector database isolation is essential for compliant AI proposal automation.
Cabrillo Club·February 5, 2026
Product ComparisonsCompliance & Risk
GovCon CRM Comparison: What Vendors Won't Tell You
GovCon CRM vendors market compliance features but hide critical gaps. We analyze what Salesforce GovCloud, Unanet, and Deltek CRM actually deliver—and where they fall short.
Cabrillo Club·February 5, 2026
Compliance & RiskDefinitive Guides
CUI-Safe CRM: The Complete Guide for Defense Contractors
Most GovCon CRMs silently ingest CUI through email integrations, creating compliance gaps that fail CMMC assessments. This guide covers CUI handling, platform comparison, and compliant CRM architecture.
Cabrillo Club·February 5, 2026
Compliance & RiskDefinitive Guides
Compliant AI Proposal Automation for GovCon
AI proposal tools promise faster win rates, but most fail CMMC compliance by sending CUI to cloud LLMs. Learn how private AI, ERP-connected revenue forecasting, and compliant workflows change the game.
Cabrillo Club·February 5, 2026
Compliance & RiskDefinitive Guides
Why Most CRMs Are NOT CMMC 2.0 Compliant
Defense contractors assume their CRM is compliant because it's 'made for government.' The reality: most GovCon CRMs fail CMMC 2.0 requirements due to email sync, multi-tenant AI, and audit gaps.
Cabrillo Club·February 5, 2026
Compliance & Risk
SEC Cybersecurity Disclosure Rule: A Practical Compliance Roadmap
The SEC’s cybersecurity disclosure rule raises the bar on incident reporting and governance. Learn what’s required, common gaps, and a realistic plan to reduce risk.
Cabrillo Club·February 1, 2026
SecurityCompliance & Risk
Private AI Isn't a Model Choice. It's an Information Boundary.
Most AI conversations focus on which model to use. The real question is: where does your data flow when you use it? Understanding information boundaries is the first step to controlled AI adoption.
Cabrillo Club·December 24, 2025
Compliance & Risk
Why Audit Trails Matter for AI Compliance
AI without audit trails is a compliance liability. Learn why logging every AI interaction is essential for regulated industries and how to implement it.
Cabrillo Club·December 10, 2025
Compliance & Risk
CMMC 2.0 and Your AI Strategy
CMMC 2.0 is entering phased implementation. If AI touches your CUI, your AI strategy is now a compliance strategy. Here is how to align them.
Cabrillo Club·November 26, 2025