With Congress unable to pass cybersecurity legislation by the August recess, the executive agencies are proceeding to regulate government contractors with access to government information. Specifically, on August 24, 2012, the Federal Acquisition Regulation (FAR) Council proposed a new clause requiring contractors to maintain minimum data protection standards. Comments on the proposal are due October 23, 2012. As explained below, GSA already has in place cybersecurity standards for its contractors, and DoD has proposed its own set of rules. These specific agency rules take precedent over this new FAR clause.
Once final, the new FAR clause will apply to civilian, DoD and NASA contracts exceeding the simplified acquisition threshold ($150,000), including commercial acquisitions. The clause must be flowed down to subcontracts at any tier. The new clause, which will be in FAR Part 52.204, identifies seven basic safeguards for contractor information systems through which nonpublic information generated by or for government either resides or transits. The basic safeguards are...
Please see full alert below for more information.
Firefox recommends the PDF Plugin for Mac OS X for viewing PDF documents in your browser.
We can also show you Legal Updates using the Google Viewer; however, you will need to be logged into Google Docs to view them.
Please choose one of the above to proceed!
LOADING PDF: If there are any problems, click here to download the file.