Covington & Burling LLP operates as a limited liability partnership worldwide, with the practice in England and Wales conducted by an affiliated
limited liability multinational partnership, Covington & Burling LLP, which is formed under the laws of the State of Delaware in the United States
and authorized and regulated by the Solicitors Regulation Authority with registration number 77071..
Ryan Burnette is a government contracts and technology-focused lawyer that advises on federal contracting compliance requirements and on government and internal investigations that stem from these obligations. Ryan has particular experience with defense and intelligence contracting, as well as with cybersecurity, supply chain, artificial intelligence, and software development requirements.
Ryan also advises on Federal Acquisition Regulation (FAR) and Defense Federal Acquisition Regulation Supplement (DFARS) compliance, public policy matters, agency disputes, and government cost accounting, drawing on his prior experience in providing overall direction for the federal contracting system to offer insight on the practical implications of regulations. He has assisted industry clients with the resolution of complex civil and criminal investigations by the Department of Justice, and he regularly speaks and writes on government contracts, cybersecurity, national security, and emerging technology topics.
Ryan is especially experienced with:
Government cybersecurity standards, including the Federal Risk and Authorization Management Program (FedRAMP); DFARS 252.204-7012, DFARS 252.204-7020, and other agency cybersecurity requirements; National Institute of Standards and Technology (NIST) publications, such as NIST SP 800-171; and the Cybersecurity Maturity Model Certification (CMMC) program.
Software and artificial intelligence (AI) requirements, including federal secure software development frameworks and software security attestations; software bill of materials requirements; and current and forthcoming AI data disclosure, validation, and configuration requirements, including unique requirements that are applicable to the use of large language models (LLMs) and dual use foundation models.
Supply chain requirements, including Section 889 of the FY19 National Defense Authorization Act; restrictions on covered semiconductors and printed circuit boards; Information and Communications Technology and Services (ICTS) restrictions; and federal exclusionary authorities, such as matters relating to the Federal Acquisition Security Council (FASC).
Information handling, marking, and dissemination requirements, including those relating to Covered Defense Information (CDI) and Controlled Unclassified Information (CUI).
Federal Cost Accounting Standards and FAR Part 31 allocation and reimbursement requirements.
Prior to joining Covington, Ryan served in the Office of Federal Procurement Policy in the Executive Office of the President, where he focused on the development and implementation of government-wide contracting regulations and administrative actions affecting more than $400 billion dollars’ worth of goods and services each year. While in government, Ryan helped develop several contracting-related Executive Orders, and worked with White House and agency officials on regulatory and policy matters affecting contractor disclosure and agency responsibility determinations, labor and employment issues, IT contracting, commercial item acquisitions, performance contracting, schedule contracting and interagency acquisitions, competition requirements, and suspension and debarment, among others. Additionally, Ryan was selected to serve on a core team that led reform of security processes affecting federal background investigations for cleared federal employees and contractors in the wake of significant issues affecting the program. These efforts resulted in the establishment of a semi-autonomous U.S. Government agency to conduct and manage background investigations.
Representation of leading U.S. government contractors in multiyear parallel criminal and civil investigations by DOJ relating to compliance with complex government regulations.
Representation of multiple contractors in cybersecurity related investigations, including retrospective reviews of compliance processes and adherence to technical security control requirements.
Representation of multiple contractors in internal investigations relating to executive misconduct and cost and labor mischarging issues.
Cybersecurity and Supply Chain
Provision of compliance and disclosure advice stemming from federal cybersecurity standards and controls under applicable regulations, including those pertaining to information management, data classification, and information system protection requirements.
Representation of multiple contractors in cybersecurity incident response, including on government and contractor notifications and assessment of impact to government data.
Representation of multiple federal contractors in supply chain risk assessments, including on use of prohibited telecommunications equipment and services and vendor management.
Assistance relating to U.S. Government national security reviews, including matters relating to the Federal Acquisition Security Council.
Diligence of numerous contractors for assessment of compliance with federal cybersecurity and government contracting obligations in the mergers and acquisition context.
Software and Artificial Intelligence
Provision of compliance assistance relating to the Office of Management and Budget’s mandatory secure software development framework requirements and accompany government attestations.
Assistance to multiple technology companies regarding compliance with Executive Order on Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence and forthcoming legislation.
Development of software license agreement terms for government contractors.
Government Cost Accounting and Pricing
Representation of government contractor in review and defense of its cost accounting practices in agency dispute, including compliance with a range of Cost Accounting Standards allocability requirements and Federal Acquisition Regulation cost principles.
Assisted contractor with complex financial analysis and disclosure of a pricing issue relating to a Federal Supply Schedule contract.
Defended contractor against Defense Contract Audit Agency recommendation to disallow a significant amount of incurred costs.
Advised contractor on the cost accounting treatment of inter-organizational services and home office allocations.
Representation of USAID grantee in appeal of cost allowability determination under USAID supplemental regulations.
Representation of Department of State grantee in cost allowability dispute relating to multiple asserted non-compliances under Uniform Guidance requirements.
Compliance Advice, Agency Disputes, and Other Matters
Assisted major contractor with successfully contesting agency threat to terminate for default on large government contract.
Assisted major government contractor with review and due diligence of labor practices in its supply chain.
Advised major technology company on development of terms of services agreements and compliance with government contracting requirements.
Assisted contractor in connection with a teaming arrangement to provide utility services for a government installation.