The Department of Defense (DoD) recently published an interim rule that sets forth its Cybersecurity Maturity Model Certification (CMMC) program plan, as well as new requirements for a “NIST SP 800-171 DoD Assessment...more
At long last, the Department of Defense (“DoD”) has provided its interim rule, published in the Federal Register on September 29, 2020, amending the Defense Federal Acquisition Regulation Supplement (“DFARS”) to set forth...more
On July 14, 2020 the Department of Defense (“DoD”), General Services Administration (“GSA”), and the National Aeronautics and Space Administration (“NASA”) published an Interim Rule amending the Federal Acquisition Regulation...more
7/15/2020
/ China ,
Department of Defense (DOD) ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
General Services Administration (GSA) ,
Interim Rule ,
NASA ,
NDAA ,
Supply Chain ,
Technology Sector ,
Telecommunications
A lot has happened since the Department of Defense (“DOD”) released its Cybersecurity Maturity Model Certification (CMMC) v. 1.0 back in February (see our prior discussion here). In addition to developments with the CMMC...more
To further assist the contractor community with the effects of the unprecedented Coronavirus Disease 2019 (COVID-19), the U.S. Department of Defense (DoD) issued on April 8, 2020 a Class Deviation authorizing contracting...more
Cybersecurity Maturity Model Certification (“CMMC”) v.1.0, after releasing several draft versions of the document over the past year. In an effort to enhance supply chain security, the CMMC sets forth unified cybersecurity...more
At the end of 2019, the Department of Defense (“DoD”) took another step to limit the potential cyber risks posed by telecommunications equipment manufactured by Chinese companies (and potentially Russian ones too). We...more
1/31/2020
/ China ,
Comment Period ,
Cybersecurity ,
Defense Sector ,
Department of Defense (DOD) ,
DFARS ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Huawei ,
Interim Rule ,
NDAA ,
System For Award Management (SAM) ,
Telecommunications ,
ZTE
We recently wrote about the FAR Council’s release of an interim rule implementing restrictions on procurements involving certain Chinese telecommunications hardware manufacturers and service providers, such as Huawei and ZTE....more
In accordance with Section 889(a)(1)(A) of the 2019 National Defense Authorization Act (Pub. L. No. 115-232) (the “2019 NDAA”), which required imposition of broad restrictions on procurements involving certain Chinese...more
8/14/2019
/ China ,
Department of Defense (DOD) ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Huawei ,
Interim Rule ,
NDAA ,
Reporting Requirements ,
Supply Chain ,
Telecommunications ,
US Trade Policies
The Government remains intensely focused on how best to protect its Controlled Unclassified Information (CUI) once it is released to contractors. In a shift from its initial approach of “we will take the contractor’s word for...more
In 2019, cybersecurity has become top-of-mind for most federal government contractors and agencies that share sensitive information. In addition to updated Department of Defense guidance and procedures for evaluating...more
4/30/2019
/ Controlled Unclassified Information (CUI) ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Defense (DOD) ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Government Agencies ,
Information Security ,
Internet of Things ,
NIST ,
Policies and Procedures ,
Popular ,
Proposed Legislation ,
Risk Assessment ,
Sensitive Business Information ,
Vendors
Pursuant to DFARS 252.204-7012, DoD contractors are to implement the security requirements in NIST Special Publication (SP) 800-171 by December 31, 2017. NIST SP 800-171 includes security requirements for protecting...more