Josh Duvall

Overview

Joshua Duvall is a Shareholder in the Washington, D.C. office of Maynard Nexsen and is a member of the firm's Cybersecurity & Privacy Practice Group and Government Solutions Practice Group.

As a member of the Government Solutions Group, Josh is frequently called upon by government contracting executives and industry leaders to navigate their most pressing problems and business opportunities in the complex world of doing business with federal and state governments. Josh regularly counsels and represents civilian and defense contractors in bid protests before the U.S. Government Accountability Office, U.S. Court of Federal Claims, U.S. Court of Appeals for the Federal Circuit, and federal agencies; protests and appeals before the U.S. Small Business Administration (size, status, NAICS); teaming, JV, and subcontract agreements; mergers and acquisitions (M&A); claims and disputes; regulatory matters (FAR, DFARS); construction; federal grants; cybersecurity (CMMC, NIST SP 800-171) and privacy; GSA schedule issues; and other complex matters with a nexus to federal procurement.

As a member of the Cybersecurity & Privacy Group, and former malware (malicious software) analyst and IT systems administrator, Josh is frequently called upon by clients to navigate – and bridge the gap between – complex cybersecurity, technical, business, and legal issues, often in times of crisis, with a focus on data breach incident response and investigations, and related litigation. As part of his practice, Josh also counsels and represents clients in vendor management, cyber risk management, privacy policies, cyber insurance, regulatory compliance, incident response planning, internal and regulatory investigations, corporate transactions, and class actions and other litigation involving cybersecurity and privacy issues.

Prior to joining Maynard, Josh founded and managed a boutique cybersecurity and government contracts law firm in Washington, D.C., where he counseled and represented small – 8(a), WOSB/EDWOSB, HUBZone, SDVOSB – and mid-size businesses in a variety of government contracts, corporate and business, and cybersecurity matters.

Josh received his J.D. from the George Washington University Law School, where he was a member of The Federal Circuit Bar Journal and Fellow at the Competition Law Center. Prior to practicing law, Josh worked in the IT and cybersecurity space, including as an IT systems administrator and malware analyst.

Josh is a Certified Information Systems Security Professional (CISSP) and is a frequent presenter and author on government contracts and cybersecurity issues.

To stay current with the latest news, insights, and legal analysis in the government contracting space, visit Josh's blog, www.GovConJudicata.com.

Josh lives in Reston, VA with his wife, Shaina, and their daughter, Hannah.

Community & Professional

Vice-Chair, Bid Protest Committee, American Bar Association, Section of Public Contract Law
Vice-Chair, Membership Committee, American Bar Association, Section of Public Contract Law
Member, AFCEA Small Business Committee
Member, International Information System Security Certification Consortium (ISC)²
Member, National Contract Management Association (NCMA)
Member, GovCon Club
Founding Member, Leadership GovCon

Media

News

10.30.2024 | News from Maynard Nexsen
OrangeSlices.AI Names Josh Duvall as a 2025 Engage Federal Citizen Services 150 Honoree
02.22.2024 | News from Maynard Nexsen
Joshua Duvall Published in Law360 Article - Opportunities for the Department of Defense to Improve Flexibility Under Proposed Cyber Rule
01.11.2023
Government Solutions Shareholders Joshua Duvall and David Yang Published By Law360
08.31.2022
Joshua Duvall to Present on Bid Protests at the National HUBZone Conference
02.18.2022
Joshua Duvall Provides Congressional Testimony on Federal Contracting and SBA Programs
08.03.2021
Maynard Adds Respected Government Contracts Attorney to DC Office

Speaking Engagements

“Debriefings, Bid Protests, and Small Business Regulatory Update” – AFCEA Small Business Committee Webinar
“CMMC Legal Landscape” – CMMC Information Institute, Virtual Panel
“Bid Protests” – Jennifer Schaus & Associates, GovCon “LIVE” Q&A Café, Virtual Panel
“DFARS Part 202 – Definitions of Words and Terms” – J. Schaus & Associates, 2021 DFARS Webinar Series
“A Conversation: NIST SP 800-171 DoD Assessments and CMMC” – Blue Ridge GovCon Best Practices Series, Virtual Panel
“Government Contracting Law: Your Questions Answered” – AFCEA Small Business Webinar Series, Webinar
“CMMC Panel Discussion” – NVSBC Central Florida Chapter, Virtual Panel
“Basic Training: Small Business Legal and Regulatory Issues” – National Veteran Small Business Coalition V-VETS'20, Webinar
“Getting the Most Out of FAR Part 15 Debriefings” – 2020 HUBZone Small Business Week, Webinar
“GAO Bid Protests Explored!” – Glenn Robinson & Blue Ridge Information Systems, GovCon Best Practices Series, Webinar
“FAR Part 7 – Acquisition Planning” – J. Schaus & Associates, 2020 FAR Webinar Series
“Government Contracts Bid Protests in 2019: Latest Trends, Developments, and Issues Explored!” – The Knowledge Group, Webinar/Course (CLE credits available)
“Debriefings and Bid Protests” – 2019 National HUBZone Conference, Chantilly, VA
“Pitfalls and Perils of Compliance” – Florida 8(a) Alliance's 2019 Federal Contracting Conference, Orlando, FL
“Legal Challenges in Cybersecurity: Data Breaches, Security Assessments, and Cyber Insurance Coverage” – (ISC)² Miami Chapter, Miami, FL
“Effective Strategies for Government Contract Debriefings and Bid Protests” – NCMA Mid-Florida Chapter, Orlando, FL
“Small Business Primer: Government Contract Debriefings and Bid Protests” – Florida 8(a) Alliance, Webinar"
"Data Breaches and Crisis Management Planning” – Compliance Week 2018, Washington, DC
“Product Security and Compliance Risks with Emerging Technologies” – Compliance Week 2018, Washington, DC
“Mentor-Protégé, Joint Venture, and Teaming Agreements” – NVSBC South Florida Chapter, Doral, FL
“Best Practices for Debriefings and Protests” – Florida PTAC at UCF, Orlando, FL
“Engagement in Defense Innovation and Technologies” – TiECon Florida, Tampa, FL
“Contracts 101: The Basics” – In The Trenches MBA Summit, Webinar
“GAO Bid Protests: Small Business Primer” – Federal Publications Seminars, Webinar

Insights

10.18.2024 | Article
DOD Finalizes CMMC 2.0 Program Final Rule
07.19.2024 | Blog Post
GAO Decision Highlights Agency’s Evaluation of Mentor-Protégé Joint Venture, But Could Unintentionally Lead Industry Astray on SBA’s Workshare Rule
04.30.2024 | Alert
Cyber Agency Issues Proposed Rule on Cyber Incident Reporting for Critical Infrastructure
04.30.2024 | Alert
White House Issues New National Security Memorandum on Critical Infrastructure

Blog Posts

Josh Duvall Quoted by Law360 on Executive Order Regarding GSA Contract Consolidation
Blog, 03.26.2025
DOD Issues Guidance to Contracting Officers Regarding Solicitations and Contracts with DEIA Requirements
Blog, 02.04.2025
White House Issues Sweeping Pause to Federal Assistance Programs to Enable Administration Review
Blog, 01.28.2025
Josh Duvall Publishes Article for Law360 on a Rising Trend in GAO Protests: The Key Personnel Unavailability Defense
Blog, 01.28.2025
FAR Council Publishes Final Rule to Update Suspension and Debarment Procedures
Blog, 01.03.2025
SBA Publishes Major Rule Change: Heeding Input, the Administration Clarifies and Refines M&A-Related Rules to Ease Concerns
Blog, 12.20.2024
FAR Council Issues Proposed Rule to Adjust Acquisition-Related Thresholds for Inflation
Blog, 12.02.2024
5 Takeaways: GAO Bid Protest Annual Report to Congress for FY 2024
Blog, 11.19.2024
FAR Council Publishes Interim Rule to Remove Continuity Requirement from SAM.gov Registration Clause
Blog, 11.13.2024
OrangeSlices.AI Names Josh Duvall as a 2025 Engage Federal Citizen Services 150 Honoree
Blog, 10.30.2024
SBA Issues Proposed Rule to Require "Rule of Two" for Orders Under Multiple Award Contracts
Blog, 10.28.2024
7 (Other) Reasons to Intervene in Bid Protests: What Awardees Need to Know
Blog, 09.23.2024
SBA Proposes Rule That Will Change M&A Landscape for Small Business, Recertifications to Impact Award Eligibility
Blog, 09.17.2024
SBA Proposes to Amend its Negative Control Rule, Which Could Have Major Implications for Small Biz and Minority Shareholders, Investors
Blog, 09.13.2024
ARTICLE ALERT: The Impact of a Recent GAO Decision Regarding an Agency's Evaluation of a Mentor-Protégé Joint Venture
Blog, 07.18.2024
GAO Decision Shows that Even a 1-Day Lapse in SAM Registration Can Sink Your Bid
Blog, 04.15.2024
Joshua Duvall Publishes Article for Law360 on DOD's Proposed Rule for its Cybersecurity Maturity Program
Blog, 02.23.2024
FAR Council Publishes its Semiannual Regulatory Agenda
Blog, 02.09.2024
Joshua Duvall Quoted by Law360 on Recent OMB Guidance Impacting Small Business Contracting
Blog, 02.05.2024
White House Announces OMB Guidance to Increase Small Business Contracting Opportunities
Blog, 01.29.2024
Recent GAO Decision Highlights GAO's Jurisdiction Over Protests Involving Task Orders
Blog, 01.08.2024
SDVOSB Self-Certification Grace Period to Expire: Submit Applications by Dec 31 To Remain Eligible While Applications are Pending
Blog, 12.29.2023
Recent FCA Settlement Highlights Small Business Certification Issues in Private Equity Transactions
Blog, 12.08.2023
4 Takeaways: GAO Bid Protest Annual Report to Congress for FY 2023
Blog, 11.01.2023
Joshua Duvall Quoted by Law360 on Federal Court Decision Impacting the SBA 8(a) Program
Blog, 08.23.2023
ALERT: SBA to Require All Individually-Owned 8(a)s to Affirmatively Establish Social Disadvantage
Blog, 08.17.2023
Maynard Nexsen Shareholder to present at 2023 National HUBZone Conference
Blog, 08.15.2023
Court Enjoins Rebuttable Presumption in 8(a) Program: What's Next for Future, Current Participants?
Blog, 08.09.2023
Hello Q4: SBA Clarifies 8(a) Sole Source Rules, Individual 8(a)s Have More Options for Larger Awards
Blog, 07.24.2023
DoD Issues Proposed Rule to Address Domestic Preferences for Defense Contracts
Blog, 07.12.2023
FAR Council Publishes Rule to Ban TikTok Applications in Government Contracting
Blog, 06.05.2023
7 Reasons to Intervene in Bid Protests
Blog, 02.02.2023
2 Ways the FTC’s Proposed Rule Against Non-Competes Could Impact the Government Contracting Sector
Blog, 01.20.2023
FY23 NDAA Includes Inflation Relief for Defense Contractors
Blog, 12.16.2022
SBA Inflationary Increase: Size Standards, Economic Disadvantage, and 8(a) Sole Source Thresholds
Blog, 12.02.2022
Transportation Moving Forward with Buy America Relief for Certain Contracts
Blog, 11.17.2022
4 Takeaways: GAO Bid Protest Annual Report to Congress for FY 2022
Blog, 11.02.2022
DoD Issues Class Deviation on Small Biz Joint Ventures and SAM Registration
Blog, 10.27.2022
Buy American Act Content Requirements Are Tightening Again, Are You Prepared?
Blog, 10.24.2022
DoD Issues Memo on Contractual Remedies for Non-Compliance with Cybersecurity Requirements
Blog, 07.01.2022
SBA Rule Extends Lookback for Employee-Based Size Standards to 24 Months
Blog, 06.06.2022
GAO Report: Key Takeaways for DOD Space System Acquisitions
Blog, 04.19.2022
OFCCP to Require Contractor Pay Equity Analysis as Part of Audit Process
Blog, 03.17.2022
Federal Contractors (and Subs) to Certify Affirmative Action Program Compliance Starting March 31
Blog, 02.10.2022
GAO: Agencies Must Adequately Explain Why a Superior Technical Offer Warrants Paying a Higher Price
Blog, 01.27.2022
CLIENT ALERT: Federal Judge Blocks Contractor Vax Mandate in KY, TN, OH. What States Could Be Next?
Blog, 12.02.2021
DoD Announces CMMC 2.0 Program
Blog, 11.05.2021
CLIENT ALERT: Safer Federal Workforce Federal Contractor Guidance on Vaccine Mandate and Workplace Safety
Blog, 10.22.2021
GAO: Small Biz Joint Ventures Can Use Member FCLs to Pursue DoD Contracts
Blog, 10.13.2021
Safer Federal Workforce Publishes Broad Contractor Guidance on Vaccine Mandate
Blog, 09.28.2021
FAR Council Publishes Final Rule on Good Faith in Small Business Subcontracting
Blog, 08.17.2021
GAO: Price Realism Not Ordinarily Permitted in Fixed-Price Procurements
Blog, 08.13.2021

Joshua Duvall

Practices

Education