News & Analysis as of

Cybersecurity DFARS Reporting Requirements

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Cozen O'Connor

FAR Proposed Controlled Unclassified Information Rule: A Path Toward Standardization

Cozen O'Connor on

On January 15, 2025, the FAR Council finally released a proposed rule (the Rule)1 regulating the use and handling of controlled unclassified information (CUI) as a part of the general strategy to reduce threats of...more

Morrison & Foerster LLP - Government...

Proposed Regulation on Controlled Unclassified Information Standardizes Process for CUI Identification and Handling Across Federal...

Morrison & Foerster LLP - Government... on

The Federal Acquisition Regulation (FAR) Council issued its long awaited proposed rule on Controlled Unclassified Information (CUI) on January 15, 2025. The proposed rule establishes a common form to be used by all federal...more

Sheppard Mullin Richter & Hampton LLP

Governmental Practice Cybersecurity and Data Protection: 2024 Recap & 2025 Forecast Alert

Sheppard Mullin Richter & Hampton LLP on

To kick off the New Year (and as is now tradition, since we put out a similar Recap & Forecast last year), Sheppard Mullin’s Governmental Practice Cybersecurity & Data Protection Team has prepared a cybersecurity-focused 2024...more

Wiley Rein LLP

CMMC 2.0 Update: DOD Proposed Rule Introduces Standard Terms for Contracts Subject to CMMC 2.0, Including Yet Another 72-Hour...

Wiley Rein LLP on

WHAT: The U.S. Department of Defense (DOD) just published the second of two proposed rules setting forth key requirements for its long-anticipated Cybersecurity Maturity Model Certification (CMMC) 2.0 program. The earlier...more

WilmerHale

8 Questions To Ask Before Final CISA Breach Reporting Rule

WilmerHale on

On April 4, the Cybersecurity and Infrastructure Security Agency published a notice of proposed rulemaking setting out mandatory reporting requirements for covered entities that experience cybersecurity incidents or make...more

Bass, Berry & Sims PLC

Department of Defense Issues Class Deviation Delaying Application of NIST SP 800-171, Revision 3

Bass, Berry & Sims PLC on

On May 2, the Department of Defense (DOD) issued a class deviation to DFARS 252.204-7012 “to provide industry time for a more deliberate transition upon the forthcoming release of [National Institute of Standards and...more

Paul Hastings LLP

CISA Proposes Sweeping Cybersecurity Incident Reporting for U.S. Companies

Paul Hastings LLP on

On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (“CISA”) released proposed regulations requiring expansive new cybersecurity incident and ransomware payment reporting across sixteen “critical...more

Ankura

DOD Issues Memo on FedRAMP Requirements for Defense Contractors

Ankura on

On December 21, 2023, the Department of Defense (DoD) issued a memorandum (Memo) providing guidance and clarification on the security and cyber incident management requirements applicable for the use of external Cloud Service...more

Bradley Arant Boult Cummings LLP

Executive Order on Cybersecurity Sets Aggressive Timeline

Bradley Arant Boult Cummings LLP on

The Colonial Pipeline cyberattack prompted the issuance of a long-awaited executive order (EO) on improving U.S. cybersecurity. The EO mandates that, within six months, all federal agencies implement multi-factor...more

Bradley Arant Boult Cummings LLP

New “Basic Assessment” Is a Bridge to CMMC for Defense Contractors

Bradley Arant Boult Cummings LLP on

The Department of Defense (DoD) continues to enhance cybersecurity requirements in its supply chain. A new rule requires some contractors to assign a numerical score to their current cybersecurity practices. Additionally, the...more

Stinson - Government Contracting Matters

Navy-Marine Corps Issue Supplement to DFARS Cybersecurity Rule

Stinson - Government Contracting Matters on

In the face of increasing concern over the security of Navy and Marine Corps (Navy) programs, the Navy Marine Corps Acquisition Regulation Supplement (NMCARS) was updated on September 6, 2019 to incorporate significant...more

Holland & Knight LLP

Government Contractors Should Expect Another Level of Cybersecurity Requirements

Holland & Knight LLP on

The Department of Defense’s cybersecurity requirements for Covered Defense Information became effective on Dec. 31, 2017. See DFARS 52.204-7012. There is no corresponding FAR cybersecurity rule, leaving the civilian agencies...more

Pillsbury Winthrop Shaw Pittman LLP

December 31, 2017 Deadline for Cybersecurity under DFARS 252.204-7012 Re-Interpreted

Pillsbury Winthrop Shaw Pittman LLP on

The DoD clarifies its expectation for full compliance to protect Controlled Unclassified Information (CUI) residing on Contractor Systems from cyber incidents. A defense contractor’s updated and current System Security...more

Burr & Forman

Two End-of-Year Federal Government Deadlines Approaching

Burr & Forman on

Significant Changes to Online Copyright (DMCA) Safe Harbor and DoD Contractor Cybersecurity (NIST 800-171) Requirements Take Effect at the End of This Year. Important Change Affecting Digital Millennium Copyright Act...more

Cooley LLP

Alert: DoD Contractors Required to Meet Cybersecurity Requirements by Year End

Cooley LLP on

The window for Department of Defense (DoD) contractors to bring themselves into compliance with cybersecurity requirements is closing. Specifically, changes to the Defense Federal Acquisition Regulation Supplement (DFARS)...more

Orrick, Herrington & Sutcliffe LLP

DFARS and DIB: Compliance Steps for DoD’s Newly Finalized Cybersecurity Rules for Contractors

Orrick, Herrington & Sutcliffe LLP on

For businesses that work with the U.S. Department of Defense (“DoD”), two important rules for safeguarding certain categories of sensitive information and reporting cyber incidents were recently finalized, updating the...more

Kilpatrick

Department of Defense (DoD) Issues Final Rule on Safeguarding Covered Defense Information and Related Information Security...

Kilpatrick on

On October 21, 2016, the Department of Defense (“DoD”) issued a final rule (the “final rule”) codifying the specific actions DoD contractors and subcontractors must take to adequately safeguard “covered defense information”...more

Holland & Knight LLP

DoD Finalizes Cybersecurity and Cloud Computing Rule

Holland & Knight LLP on

On October 21, 2016, the Department of Defense (DoD) issued a final rule following-up on the interim rules it had issued on August 26 and December 30, 2015, regarding safeguarding contractor networks and purchasing cloud...more

Blank Rome LLP

DOD Expands Cyber Security Rules for Defense Contractors

Blank Rome LLP on

Action Item: Through a new version of its Cyber Security Clause, the Department of Defense (“DOD”) is directing defense contractors to extend their cyber defense and reporting requirements beyond their recognizable supply...more

Perkins Coie

New DoD Cybersecurity Rule and How Contractors Can Reduce Their Risks

Perkins Coie on

The Department of Defense (DoD) issued an interim cybersecurity rule in August 2015 that, among other things, revises the existing Defense Federal Acquisition Regulation Supplement (DFARS) cybersecurity clause and increases...more

Wilson Sonsini Goodrich & Rosati

Department of Defense Issues New Cybersecurity Rules for Defense Agencies That Use Contractors and Cloud Services to Hold...

Wilson Sonsini Goodrich & Rosati on

The U.S. Department of Defense (DOD) recently published an interim rule amending the Defense Federal Acquisition Regulation Supplement (DFARS).1 The interim rule, effective August 26, 2015, focuses on two issues. First, the...more

Sheppard Mullin Richter & Hampton LLP

Have DoD Contractors and Subcontractors Been Drafted? Once Voluntary Defense Industrial Base CS/IA Regulations Now Mandatory and...

Sheppard Mullin Richter & Hampton LLP on

When last we left the Department of Defense, they had issued a rather wide-reaching interim DFARS rule addressing cybersecurity practices, data retention, and cloud services purchasing guidance. Now, effective October 2,...more

Robinson+Cole Data Privacy + Security Insider

Interim rule requires Department of Defense contractors to report cyber breaches

Robinson+Cole Data Privacy + Security Insider on

Companies doing business with the U.S. Department of Defense are facing new requirements for reporting data security breaches and for acquiring cloud computing services. The Interim Rule, effective August 26, 2015, amends the...more

Davis Wright Tremaine LLP

DoD New Cyber Security Reporting Rules for Contractors

Davis Wright Tremaine LLP on

In a move that highlights the changing winds of federal cybersecurity policy, the Department of Defense (“DoD”) has issued an interim Rule (“Rule”) that imposes new security and reporting requirements on federal contractors,...more

Holland & Knight LLP

DoD's New Cybersecurity and Cloud Standards and Reporting Requirements

Holland & Knight LLP on

The Department of Defense (DoD) released interim rules implementing provisions of the 2013 and 2015 National Defense Authorization Acts. The rules, released on Aug. 26, 2015, are effective immediately and establish the...more

27 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide