News & Analysis as of

Department of Defense (DOD) Cybersecurity Reporting Requirements

Wiley Rein LLP

CMMC 2.0 Update: DOD Proposed Rule Introduces Standard Terms for Contracts Subject to CMMC 2.0, Including Yet Another 72-Hour...

Wiley Rein LLP on

WHAT: The U.S. Department of Defense (DOD) just published the second of two proposed rules setting forth key requirements for its long-anticipated Cybersecurity Maturity Model Certification (CMMC) 2.0 program. The earlier...more

McCarter & English Blog: Government Contracts...

CISA’s CIRCIA Proposed Rule: Another Player Enters the Reporting Regime

Cyber incidents involving critical infrastructure pose a serious risk to the US. In March 2024, the Environmental Protection Agency and the National Security Advisor warned state governors about potential attacks on drinking...more

Bass, Berry & Sims PLC

Department of Defense Issues Class Deviation Delaying Application of NIST SP 800-171, Revision 3

On May 2, the Department of Defense (DOD) issued a class deviation to DFARS 252.204-7012 “to provide industry time for a more deliberate transition upon the forthcoming release of [National Institute of Standards and...more

Akin Gump Strauss Hauer & Feld LLP

New CISA Cybersecurity Incident Reporting Requirements Proposed for Critical Infrastructure Companies

On April 4, 2024, the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) officially published its Notice of Proposed Rulemaking (NPRM) detailing significant new cybersecurity...more

Sheppard Mullin Richter & Hampton LLP

CISA Cyber Incident Reporting for Critical Infrastructure Will Significantly Impact Government Contractors, Suppliers, and Service...

The Cybersecurity and Infrastructure Security Agency (“CISA”) recently released its new Proposed Rule pursuant to the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“CIRCIA”), which was published in the...more

Paul Hastings LLP

CISA Proposes Sweeping Cybersecurity Incident Reporting for U.S. Companies

Paul Hastings LLP on

On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (“CISA”) released proposed regulations requiring expansive new cybersecurity incident and ransomware payment reporting across sixteen “critical...more

Ankura

DOD Issues Memo on FedRAMP Requirements for Defense Contractors

Ankura on

On December 21, 2023, the Department of Defense (DoD) issued a memorandum (Memo) providing guidance and clarification on the security and cyber incident management requirements applicable for the use of external Cloud Service...more

Bass, Berry & Sims PLC

Cyber Incident Reporting May Be “Material” for Federal Contractors

Bass, Berry & Sims PLC on

Last month, the Federal Acquisition Regulatory Council proposed new cybersecurity and incident reporting regulations for federal contractors on behalf of the Department of Defense (DoD), the General Services Administration...more

Akin Gump Strauss Hauer & Feld LLP

Government Contractors Beware: New Cybersecurity Rules and False Claims Act Enforcement Actions on the Rise

Two years after the Department of Justice (DOJ) established its Civil-Cyber Fraud Initiative, there has been a recent uptick in enforcement and regulatory activity related to cybersecurity. September opened with the unsealing...more

Bradley Arant Boult Cummings LLP

DoDIG Audit of Controlled Unclassified Information (CUI) Program: Findings and Next Steps for Contractors

The Department of Defense Inspector General (DoDIG) recently released its “Audit of the DoD’s Implementation and Oversight of the Controlled Unclassified Information [CUI] Program” (DODIG-2023-078). The audit highlights some...more

Alston & Bird

The Digital Download – Alston & Bird’s Privacy, Cyber & Data Strategy Newsletter – November 2021

Alston & Bird on

Selected Developments in U.S. Law - Department of Defense Suspends the CMMC Pilot Program and CMMC Requirements in DoD Solicitations Pending Major Changes for CMMC 2.0. On November 5, 2021, the Department of Defense...more

Pillsbury Winthrop Shaw Pittman LLP

Bipartisan Senators Introduce Cyber Incident Notification Act of 2021

The legislation would require all federal contractors to report potential and actual cybersecurity incidents to the Department of Homeland Security. The Act would impose a 24-hour reporting requirement on federal...more

Bradley Arant Boult Cummings LLP

Executive Order on Cybersecurity Sets Aggressive Timeline

The Colonial Pipeline cyberattack prompted the issuance of a long-awaited executive order (EO) on improving U.S. cybersecurity. The EO mandates that, within six months, all federal agencies implement multi-factor...more

Bradley Arant Boult Cummings LLP

Critical Changes for U.S. Cleared Facilities

Two significant changes are underway by the Defense Counterintelligence and Security Agency (DCSA) – both of which require the immediate attention of businesses that hold a U.S. security clearance or are in the process of...more

Bradley Arant Boult Cummings LLP

New “Basic Assessment” Is a Bridge to CMMC for Defense Contractors

The Department of Defense (DoD) continues to enhance cybersecurity requirements in its supply chain. A new rule requires some contractors to assign a numerical score to their current cybersecurity practices. Additionally, the...more

Stinson - Government Contracting Matters

Navy-Marine Corps Issue Supplement to DFARS Cybersecurity Rule

In the face of increasing concern over the security of Navy and Marine Corps (Navy) programs, the Navy Marine Corps Acquisition Regulation Supplement (NMCARS) was updated on September 6, 2019 to incorporate significant...more

PilieroMazza PLLC

Legal Advisor Newsletter - First Quarter 2019

PilieroMazza PLLC on

The Legal Advisor is a newsletter distributed by the firm to our clients, friends and business contacts. The publication addresses current issues that are of concern to federal government contractors and commercial businesses...more

Pillsbury Winthrop Shaw Pittman LLP

Congressional Blue-Ribbon Panel Recommends Major Changes to DoD Acquisition Process

The Section 809 Panel has issued its final report with additional recommendations to streamline the DoD acquisition process, some of which would make revolutionary changes. The Section 809 Panel is a Congressionally...more

Pillsbury Winthrop Shaw Pittman LLP

New Proposed DoD Cyber Guidance May Fuel Bid Protest Docket

Newly published draft DoD Guidance for Reviewing System Security Plans (SSP) and the “NIST SP 800-171 Security Requirements Not Yet Implemented” answer some questions but may also result in an increased protest docket due to...more

Williams Mullen

ITAR for Government Contractors - New Developments for 2018

Williams Mullen on

ITAR is an important area of regulation for government contractors. This includes firms in the defense, technical services, information technology, cyber-security, military training and DOD-funded R&D fields. These...more

Holland & Knight LLP

Government Contractors Should Expect Another Level of Cybersecurity Requirements

Holland & Knight LLP on

The Department of Defense’s cybersecurity requirements for Covered Defense Information became effective on Dec. 31, 2017. See DFARS 52.204-7012. There is no corresponding FAR cybersecurity rule, leaving the civilian agencies...more

Pillsbury Winthrop Shaw Pittman LLP

December 31, 2017 Deadline for Cybersecurity under DFARS 252.204-7012 Re-Interpreted

The DoD clarifies its expectation for full compliance to protect Controlled Unclassified Information (CUI) residing on Contractor Systems from cyber incidents. A defense contractor’s updated and current System Security...more

Burr & Forman

Two End-of-Year Federal Government Deadlines Approaching

Burr & Forman on

Significant Changes to Online Copyright (DMCA) Safe Harbor and DoD Contractor Cybersecurity (NIST 800-171) Requirements Take Effect at the End of This Year. Important Change Affecting Digital Millennium Copyright Act...more

Cooley LLP

Alert: DoD Contractors Required to Meet Cybersecurity Requirements by Year End

Cooley LLP on

The window for Department of Defense (DoD) contractors to bring themselves into compliance with cybersecurity requirements is closing. Specifically, changes to the Defense Federal Acquisition Regulation Supplement (DFARS)...more

Holland & Knight LLP

DoD to Host Industry Information Day on Implementation of Cybersecurity Rules

Holland & Knight LLP on

The Dec. 31, 2017 deadline for Department of Defense (DoD) contractors to comply with DoD’s cybersecurity and breach reporting requirements is looming. The requirements, which are set forth in DoD’s Oct. 21, 2016, final rule,...more

45 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide