News & Analysis as of

National Institute of Standards and Technology Federal Contractors Data Protection

Orrick, Herrington & Sutcliffe LLP

NIST issues updated security requirements and assessment procedures for protecting controlled unclassified information

On May 14, the National Institute of Standards and Technology (NIST) released “Revision 3” to Special Publication 800-171 (Protecting Controlled Unclassified Information on Nonfederal Systems and Organizations) and 800-171A...more

Bass, Berry & Sims PLC

Department of Defense Issues Class Deviation Delaying Application of NIST SP 800-171, Revision 3

On May 2, the Department of Defense (DOD) issued a class deviation to DFARS 252.204-7012 “to provide industry time for a more deliberate transition upon the forthcoming release of [National Institute of Standards and...more

Sheppard Mullin Richter & Hampton LLP

NIST Releases Initial Public Draft of NIST SP 800-171, Revision 3 for Protection of Sensitive Government Information

The National Institute of Standards and Technology (NIST) has released an initial public draft of NIST SP 800-171, Revision 3, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. Compliance...more

Bass, Berry & Sims PLC

NIST Releases Public Draft of Revised Guidelines Aimed at Helping Contractors Protect Sensitive Information

Bass, Berry & Sims PLC on

On May 10, the National Institute of Standards and Technology (NIST) released its initial public draft of SP 800-171, Revision 3, a set of updated guidelines aimed at helping organizations better handle confidential...more

PilieroMazza PLLC

GSA Technology Contractors: 4 Requirements to Ensure Only Approved Software Is Used

PilieroMazza PLLC on

Almost two years ago, Executive Order 14028 – Improving the Nation’s Cybersecurity (EO) was issued requiring a host of actions be taken by the Federal Acquisition Regulation (FAR) Council, the National Institute of Standards...more

Ankura

[Webinar] CMMC – Practical Solutions to Managing and Securing CUI Data, Perspectives of a Foreign Defense Contractor - November...

Ankura on

Currently defense contractors who receive or create Controlled Unclassified Information (“CUI”) from or for the U.S. Department of Defense (“DoD”) are subject to several contract-based cybersecurity requirements, including...more

Wilson Sonsini Goodrich & Rosati

DoD to Contracting Officers: Demand Compliance and Seek Consequences for Material Breaches of Cybersecurity Requirements by...

On June 16, 2022, the Department of Defense (DoD) issued a memorandum to its contracting officers emphasizing their obligation to monitor compliance by DoD contractors with the cybersecurity requirements of their contracts....more

Wiley Rein LLP

DOD Suspends CMMC Version 1.0 and Charts a New Course With “CMMC 2.0”

Wiley Rein LLP on

WHAT: On November 4, 2021, the U.S. Department of Defense (DOD) announced the completion of a months-long internal review and significant changes to the strategic direction of its Cybersecurity Maturity Model Certification...more

Skadden, Arps, Slate, Meagher & Flom LLP

Privacy & Cybersecurity Update - February 2021

In this month's edition of our Privacy & Cybersecurity Update, we examine the New York Department of Financial Services' issuance of the first-ever cyber insurance risk guidance framework, the Eleventh Circuit's ruling...more

Sheppard Mullin Richter & Hampton LLP

NIST Proposes Draft Enhanced Security Requirements for Protecting CUI

NIST recently released the final public draft of SP 800-172, Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171 (formerly Draft NIST SP...more

Pillsbury Winthrop Shaw Pittman LLP

DoD Has Released Model Version 1.0 of the Cyber Maturity Model Certification Framework

- DoD has released the final version of the CMMC framework. - DoD anticipates that CMMC requirements will appear in a limited number of solicitations starting in October 2020 and that they will appear in all DoD...more

Hogan Lovells

ADG Insights | NIST set to "enhance" contractor cybersecurity duties

Hogan Lovells on

Through ADG Insights, we share with you the top legal and political issues affecting the aerospace, defense, and government services (ADG) industry. Our ADG industry team monitors the latest developments to help our clients...more

Jones Day

Whistleblower Receives First False Claims Act Payout for Cybersecurity Claim

Jones Day on

Whistleblower programs that previously focused on traditional concerns such as accounting and FCPA issues should now consider expanding to incorporate company IT and information security teams and account for data protection...more

Bass, Berry & Sims PLC

Vulnerable Systems: Contractor Protection of Controlled Unclassified Information at Risk

The Department of Defense (DoD) Inspector General recently issued a report summarizing the findings of an audit into the protection of Controlled Unclassified Information (CUI) on contractor networks. Based on an in-depth...more

PilieroMazza PLLC

Department of Defense Sets Course on Cybersecurity Evaluation and Enforcement

PilieroMazza PLLC on

On a limited budget, government contractors need to be compliant with a litany of statutes, regulations, and industry standards in order to remain competitive in the marketplace. This has become particularly true in the...more

Sheppard Mullin Richter & Hampton LLP

Cyber Update: DoD Contractor Cybersecurity Certification and 33 New Enhanced Controls to Combat the Advanced Persistent Threat

The Government remains intensely focused on how best to protect its Controlled Unclassified Information (CUI) once it is released to contractors. In a shift from its initial approach of “we will take the contractor’s word for...more

Foley & Lardner LLP

NIST Proposes Enhanced Security Requirements for Certain Government Contractors

Foley & Lardner LLP on

The National Institute of Standards and Technology (NIST) has announced proposed changes to NIST Special Publication (SP) 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. The...more

Sheppard Mullin Richter & Hampton LLP

Feds Want New IoT Guidance to Address Security Vulnerabilities

“Internet of Things” devices are listening. And now the federal government is taking notice. As we reported in our Government Contracts and Investigations blog, to date, federal cybersecurity regulations for government...more

Sheppard Mullin Richter & Hampton LLP

“Internet of Things” Guidance to be Added to Cybersecurity Requirements for Agencies and Federal Contractors

In 2019, cybersecurity has become top-of-mind for most federal government contractors and agencies that share sensitive information. In addition to updated Department of Defense guidance and procedures for evaluating...more

PilieroMazza PLLC

Cybersecurity's Increasing Impact on Prime Contract and Subcontract Awards

PilieroMazza PLLC on

Since last year, I have been writing about the increasing impact of cybersecurity on contract awards. DoD has issued guidance on how it will evaluate system security plans, and it has indicated that, along with cost,...more

Akin Gump Strauss Hauer & Feld LLP

DOD and Other Agencies Seek to Enhance Contractors’ Cyber and Supply Chain Security

The Department of Defense (DOD) and its component services and agencies are taking several independent steps to assess and enhance their cyber and supply chain security that will directly or indirectly affect DOD contractors...more

White and Williams LLP

DoD Issues New Guidance to Drive Compliance with NIST 800-171 Cybersecurity Requirements

Is this a Start of Something New for Third-Party Management? The demand for responsible cybersecurity in business is ubiquitous. The need to protect information is not limited to the financial services, insurance and...more

PilieroMazza PLLC

Cybersecurity Update—Round II

PilieroMazza PLLC on

As part of our continuing effort to keep you updated with new developments relating to compliance with the Department of Defense (DoD) Federal Acquisition Regulation Supplement (DFARS) 252.204-7012, this blog post provides a...more

PilieroMazza PLLC

Cybersecurity Update

PilieroMazza PLLC on

Last month many of you listened to the webinar Jon Williams and I did regarding the December 31, 2017, deadline to comply with the Department of Defense (DoD) Federal Acquisition Regulation Supplement (DFARS) 252.204-7012 and...more

WilmerHale

Compliance Deadline Reached for DoD Contractor Security Controls Requirements

WilmerHale on

Under the Department of Defense (DoD) final Defense Federal Acquisition Regulation Supplement (DFARS) rule on Network Penetration Reporting and Contracting for Cloud Services, DoD contractors maintaining, processing, or...more

42 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide