News & Analysis as of May 5, 2025

Reporting Requirements

+ Follow

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now. less -

Cybersecurity in the First 100 Days

WilmerHale on 5/2/2025

This week, the Trump Administration reached the 100-day mark—a significant milestone in any presidential term wherein key administrative priorities and objectives are promulgated. Perhaps unsurprisingly, cybersecurity stands...more

FAR Proposed Controlled Unclassified Information Rule: A Path Toward Standardization

Cozen O'Connor on 2/21/2025

On January 15, 2025, the FAR Council finally released a proposed rule (the Rule)1 regulating the use and handling of controlled unclassified information (CUI) as a part of the general strategy to reduce threats of...more

Proposed Regulation on Controlled Unclassified Information Standardizes Process for CUI Identification and Handling Across Federal...

Morrison & Foerster LLP - Government... on 1/24/2025

The Federal Acquisition Regulation (FAR) Council issued its long awaited proposed rule on Controlled Unclassified Information (CUI) on January 15, 2025. The proposed rule establishes a common form to be used by all federal...more

Not Just for DoD Anymore: New Proposed CUI Rule to Apply to All Federal Contractors

Wilson Sonsini Goodrich & Rosati on 1/24/2025

On January 15, 2025, the Federal Acquisition Regulatory (FAR) Council issued a proposed rule that, if adopted, would uniformly define and protect Controlled Unclassified Information (CUI) across the government. The proposed...more

FY2025 NDAA: Significant Impacts on Small and Large Defense Contractors

PilieroMazza PLLC on 1/22/2025

The Servicemember Quality of Life Improvement and National Defense Authorization Act for Fiscal Year 2025 (FY2025 NDAA), signed into law on December 23, 2024, has significant implications for defense acquisition and...more

Governmental Practice Cybersecurity and Data Protection: 2024 Recap & 2025 Forecast Alert

Sheppard Mullin Richter & Hampton LLP on 1/8/2025

To kick off the New Year (and as is now tradition, since we put out a similar Recap & Forecast last year), Sheppard Mullin’s Governmental Practice Cybersecurity & Data Protection Team has prepared a cybersecurity-focused 2024...more

Navigating Cyber and Legal Challenges During the M&A Process: Quick Considerations for Federal Contractors

BakerHostetler on 10/29/2024

Merger and acquisition (M&A) activity is often the lifeblood of corporate growth. While whole treatises can be, and have been, written on cybersecurity and legal challenges during M&A activity, the following are a few key...more

CMMC 2.0 Update: DOD Proposed Rule Introduces Standard Terms for Contracts Subject to CMMC 2.0, Including Yet Another 72-Hour...

Wiley Rein LLP on 8/16/2024

WHAT: The U.S. Department of Defense (DOD) just published the second of two proposed rules setting forth key requirements for its long-anticipated Cybersecurity Maturity Model Certification (CMMC) 2.0 program. The earlier...more

CISA’s CIRCIA Proposed Rule: Another Player Enters the Reporting Regime

McCarter & English Blog: Government Contracts... on 5/28/2024

Cyber incidents involving critical infrastructure pose a serious risk to the US. In March 2024, the Environmental Protection Agency and the National Security Advisor warned state governors about potential attacks on drinking...more

Department of Defense Issues Class Deviation Delaying Application of NIST SP 800-171, Revision 3

Bass, Berry & Sims PLC on 5/9/2024

On May 2, the Department of Defense (DOD) issued a class deviation to DFARS 252.204-7012 “to provide industry time for a more deliberate transition upon the forthcoming release of [National Institute of Standards and...more

New CISA Cybersecurity Incident Reporting Requirements Proposed for Critical Infrastructure Companies

Akin Gump Strauss Hauer & Feld LLP on 4/24/2024

On April 4, 2024, the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) officially published its Notice of Proposed Rulemaking (NPRM) detailing significant new cybersecurity...more

CISA Cyber Incident Reporting for Critical Infrastructure Will Significantly Impact Government Contractors, Suppliers, and Service...

Sheppard Mullin Richter & Hampton LLP on 4/9/2024

The Cybersecurity and Infrastructure Security Agency (“CISA”) recently released its new Proposed Rule pursuant to the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“CIRCIA”), which was published in the...more

CISA Proposes Sweeping Cybersecurity Incident Reporting for U.S. Companies

Paul Hastings LLP on 4/2/2024

On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (“CISA”) released proposed regulations requiring expansive new cybersecurity incident and ransomware payment reporting across sixteen “critical...more

DOD Issues Memo on FedRAMP Requirements for Defense Contractors

Ankura on 2/8/2024

On December 21, 2023, the Department of Defense (DoD) issued a memorandum (Memo) providing guidance and clarification on the security and cyber incident management requirements applicable for the use of external Cloud Service...more

Cyber Incident Reporting May Be “Material” for Federal Contractors

Bass, Berry & Sims PLC on 11/29/2023

Last month, the Federal Acquisition Regulatory Council proposed new cybersecurity and incident reporting regulations for federal contractors on behalf of the Department of Defense (DoD), the General Services Administration...more

Government Contractors Beware: New Cybersecurity Rules and False Claims Act Enforcement Actions on the Rise

Akin Gump Strauss Hauer & Feld LLP on 11/3/2023

Two years after the Department of Justice (DOJ) established its Civil-Cyber Fraud Initiative, there has been a recent uptick in enforcement and regulatory activity related to cybersecurity. September opened with the unsealing...more

DoDIG Audit of Controlled Unclassified Information (CUI) Program: Findings and Next Steps for Contractors

Bradley Arant Boult Cummings LLP on 6/26/2023

The Department of Defense Inspector General (DoDIG) recently released its “Audit of the DoD’s Implementation and Oversight of the Controlled Unclassified Information [CUI] Program” (DODIG-2023-078). The audit highlights some...more

The Digital Download – Alston & Bird’s Privacy, Cyber & Data Strategy Newsletter – November 2021

Alston & Bird on 11/19/2021

Selected Developments in U.S. Law - Department of Defense Suspends the CMMC Pilot Program and CMMC Requirements in DoD Solicitations Pending Major Changes for CMMC 2.0. On November 5, 2021, the Department of Defense...more

Bipartisan Senators Introduce Cyber Incident Notification Act of 2021

Pillsbury Winthrop Shaw Pittman LLP on 7/28/2021

The legislation would require all federal contractors to report potential and actual cybersecurity incidents to the Department of Homeland Security. The Act would impose a 24-hour reporting requirement on federal...more

Executive Order on Cybersecurity Sets Aggressive Timeline

Bradley Arant Boult Cummings LLP on 5/17/2021

The Colonial Pipeline cyberattack prompted the issuance of a long-awaited executive order (EO) on improving U.S. cybersecurity. The EO mandates that, within six months, all federal agencies implement multi-factor...more

Critical Changes for U.S. Cleared Facilities

Bradley Arant Boult Cummings LLP on 3/18/2021

Two significant changes are underway by the Defense Counterintelligence and Security Agency (DCSA) – both of which require the immediate attention of businesses that hold a U.S. security clearance or are in the process of...more

New “Basic Assessment” Is a Bridge to CMMC for Defense Contractors

Bradley Arant Boult Cummings LLP on 11/13/2020

The Department of Defense (DoD) continues to enhance cybersecurity requirements in its supply chain. A new rule requires some contractors to assign a numerical score to their current cybersecurity practices. Additionally, the...more

Navy-Marine Corps Issue Supplement to DFARS Cybersecurity Rule

Stinson - Government Contracting Matters on 10/11/2019

In the face of increasing concern over the security of Navy and Marine Corps (Navy) programs, the Navy Marine Corps Acquisition Regulation Supplement (NMCARS) was updated on September 6, 2019 to incorporate significant...more

Legal Advisor Newsletter - First Quarter 2019

PilieroMazza PLLC on 3/5/2019

The Legal Advisor is a newsletter distributed by the firm to our clients, friends and business contacts. The publication addresses current issues that are of concern to federal government contractors and commercial businesses...more

Congressional Blue-Ribbon Panel Recommends Major Changes to DoD Acquisition Process

Pillsbury Winthrop Shaw Pittman LLP on 1/18/2019

The Section 809 Panel has issued its final report with additional recommendations to streamline the DoD acquisition process, some of which would make revolutionary changes. The Section 809 Panel is a Congressionally...more

52 Results

View per page

Page: of 3

Cybersecurity › Department of Defense (DOD) › Reporting Requirements

"My best business intelligence, in one easy email…"