News & Analysis as of

Cybersecurity Controlled Unclassified Information (CUI) Reporting Requirements

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Cozen O'Connor

FAR Proposed Controlled Unclassified Information Rule: A Path Toward Standardization

Cozen O'Connor on

On January 15, 2025, the FAR Council finally released a proposed rule (the Rule)1 regulating the use and handling of controlled unclassified information (CUI) as a part of the general strategy to reduce threats of...more

Morrison & Foerster LLP - Government...

Proposed Regulation on Controlled Unclassified Information Standardizes Process for CUI Identification and Handling Across Federal...

Morrison & Foerster LLP - Government... on

The Federal Acquisition Regulation (FAR) Council issued its long awaited proposed rule on Controlled Unclassified Information (CUI) on January 15, 2025. The proposed rule establishes a common form to be used by all federal...more

Blank Rome LLP

The FAR Council Publishes Long-Awaited CUI Rule

Blank Rome LLP on

On January 15, 2025, the Federal Acquisition Regulation (“FAR”) Council issued its long-awaited “CUI Rule.” CUI, or Controlled Unclassified Information, is information that the government creates or possesses, or that an...more

BakerHostetler

Navigating Cyber and Legal Challenges During the M&A Process: Quick Considerations for Federal Contractors

BakerHostetler on

Merger and acquisition (M&A) activity is often the lifeblood of corporate growth. While whole treatises can be, and have been, written on cybersecurity and legal challenges during M&A activity, the following are a few key...more

Wiley Rein LLP

CMMC 2.0 Update: DOD Proposed Rule Introduces Standard Terms for Contracts Subject to CMMC 2.0, Including Yet Another 72-Hour...

Wiley Rein LLP on

WHAT: The U.S. Department of Defense (DOD) just published the second of two proposed rules setting forth key requirements for its long-anticipated Cybersecurity Maturity Model Certification (CMMC) 2.0 program. The earlier...more

Bass, Berry & Sims PLC

Department of Defense Issues Class Deviation Delaying Application of NIST SP 800-171, Revision 3

Bass, Berry & Sims PLC on

On May 2, the Department of Defense (DOD) issued a class deviation to DFARS 252.204-7012 “to provide industry time for a more deliberate transition upon the forthcoming release of [National Institute of Standards and...more

Holland & Knight LLP

Department of Homeland Security Using Cybersecurity Readiness as an Evaluation Factor

Holland & Knight LLP on

The U.S. Department of Homeland Security (DHS) on Nov. 1, 2023, announced that cybersecurity readiness would be used as an evaluation factor for contracts involving the use of Controlled Unclassified Information (CUI). This...more

Bradley Arant Boult Cummings LLP

DoDIG Audit of Controlled Unclassified Information (CUI) Program: Findings and Next Steps for Contractors

Bradley Arant Boult Cummings LLP on

The Department of Defense Inspector General (DoDIG) recently released its “Audit of the DoD’s Implementation and Oversight of the Controlled Unclassified Information [CUI] Program” (DODIG-2023-078). The audit highlights some...more

Sheppard Mullin Richter & Hampton LLP

NIST Releases Initial Public Draft of NIST SP 800-171, Revision 3 for Protection of Sensitive Government Information

Sheppard Mullin Richter & Hampton LLP on

The National Institute of Standards and Technology (NIST) has released an initial public draft of NIST SP 800-171, Revision 3, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. Compliance...more

Bradley Arant Boult Cummings LLP

New “Basic Assessment” Is a Bridge to CMMC for Defense Contractors

Bradley Arant Boult Cummings LLP on

The Department of Defense (DoD) continues to enhance cybersecurity requirements in its supply chain. A new rule requires some contractors to assign a numerical score to their current cybersecurity practices. Additionally, the...more

Pillsbury Winthrop Shaw Pittman LLP

December 31, 2017 Deadline for Cybersecurity under DFARS 252.204-7012 Re-Interpreted

Pillsbury Winthrop Shaw Pittman LLP on

The DoD clarifies its expectation for full compliance to protect Controlled Unclassified Information (CUI) residing on Contractor Systems from cyber incidents. A defense contractor’s updated and current System Security...more

Burr & Forman

Two End-of-Year Federal Government Deadlines Approaching

Burr & Forman on

Significant Changes to Online Copyright (DMCA) Safe Harbor and DoD Contractor Cybersecurity (NIST 800-171) Requirements Take Effect at the End of This Year. Important Change Affecting Digital Millennium Copyright Act...more

Jackson Lewis P.C.

DoD Updates Cyber Incident Reporting Rule

Jackson Lewis P.C. on

On October 4, 2016, a final rule implementing statutory requirements for Department of Defense (DoD) contractors and subcontractors to report cyber incidents that result in an actual or potentially adverse effect on a covered...more

Perkins Coie

New DoD Cybersecurity Rule and How Contractors Can Reduce Their Risks

Perkins Coie on

The Department of Defense (DoD) issued an interim cybersecurity rule in August 2015 that, among other things, revises the existing Defense Federal Acquisition Regulation Supplement (DFARS) cybersecurity clause and increases...more

Davis Wright Tremaine LLP

DoD New Cyber Security Reporting Rules for Contractors

Davis Wright Tremaine LLP on

In a move that highlights the changing winds of federal cybersecurity policy, the Department of Defense (“DoD”) has issued an interim Rule (“Rule”) that imposes new security and reporting requirements on federal contractors,...more

Holland & Knight LLP

DoD's New Cybersecurity and Cloud Standards and Reporting Requirements

Holland & Knight LLP on

The Department of Defense (DoD) released interim rules implementing provisions of the 2013 and 2015 National Defense Authorization Acts. The rules, released on Aug. 26, 2015, are effective immediately and establish the...more

King & Spalding

Defense Department Issues Interim Rule Requiring Contractor and Subcontractor Reporting of Cyber Incidents

King & Spalding on

On August 26, 2015, the Department of Defense (DoD) published a long-awaited Interim Rule amending the Defense Federal Acquisition Regulation Supplement (DFARS) to require “rapid” reporting of “cyber incidents” that result in...more

17 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide