As many Department of Defense (“DoD”) contractors know, if they want to store, process, or transmit covered defense information (“CDI”) with a cloud service provider (“CSP”), then the CSP must meet the security requirements...more
The Defense Federal Acquisition Regulation Supplement (DFARS) is a set of rules that apply to federal defense contractors with access to Controlled Unclassified Information (CUI) and Covered Defense Information (CDI). Defense...more
While Cybersecurity Maturity Model Certification 2.0 (CMMC 2.0) is still a work in progress, federal contractors should beware of the existing DFARS cybersecurity requirements. ...more
The U.S. Department of Defense (DoD) has issued a long-awaited interim rule to safeguard unclassified information in the possession of defense contractors by making periodic assessments of a company’s cybersecurity compliance...more
We had the opportunity to attend Department of Defense’s (DoD) Industry Information Day on Friday, June 23, at the Mark Center Auditorium in Alexandria, Virginia. DoD’s Chief Information Officer published advance notice of...more
On October 21, 2016, the Department of Defense (DoD) issued its final rule on Network Penetration Reporting and Contracting for Cloud Services, amending an interim version issued on August 26, 2015, and revised on December...more