Court Ruling Reshapes the Landscape of FOIA Compliance: DOC vs. EFF
Appellate law and ALJ's decisions play a crucial role in upholding justice and ensuring fair proceedings in legal cases. The recent legal dispute...
The Department of Defense recently released new guidance regarding cybersecurity regulations for all defense contractors. A new clause in the Defense Federal Acquisition Regulations Supplement, added on Sept. 17, 2017, DFARS 252.204-7012, describes how Covered Defense Information (CDI) must be protected inside the contractor's system(s) and their use of the cloud. This is a new clause for government procurement personnel and contracting officers, issued by the Office of the Under Secretary of Defense.
Many U.S. defense contractors, especially small and medium-sized businesses have been struggling with the strict regulations that are designed to protect Covered Defense Information (CDI). This new category of information refers to unclassified information that is considered sensitive. This new clause is now included in all DoD solicitations other than Commercial-Off-the-Shelf (COTS) Procurements.
It stipulates that all defense contractors who handle CDI must be compliant with the wide-ranging set of security controls including all of the requirements prescribed in the NIST Special Publication 800-171; "Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations." Compliance must be met no later than December 31, 2017. (More details and resource links are available at www.eresilience.com/dfars-7012
The new guidance issued by Office of the Secretary of Defense encourages all contracting officers to specify what type of information will be considered to be CDI under the contract. It also recommends contractors perform careful assessments to determine needed infrastructural and organizational changes that will be required for their systems, policies, and procedures that will be necessary to meet the DFARS compliance requirements. These can include identifying where in-house efforts are needed and when assistance from qualified third parties with expertise and certifications in complex NIST cybersecurity implementations may be necessary.
Navigating cyber-security and its application to government contracts can be a challenge. There are various legal regulations and considerations at play, which can make it difficult to understand the proper course of action. But a knowledgeable government attorney can make all of the difference, helping you avoid pitfalls and resolve any issues that might arise.
If you are in need of assistance with government contracts or other related matters, please do not hesitate to contact Whitcomb, Selinsky, PC immediately. Located in Denver, Colorado, you can reach the attorneys at Whitcomb, Selinsky, PC by phone at (303) 534-1958 or online by completing a simple form.
Appellate law and ALJ's decisions play a crucial role in upholding justice and ensuring fair proceedings in legal cases. The recent legal dispute...
Background: Unveiling Allegations Against Cisco The case highlights key elements of appellate law and ALJ's decisions. The plaintiffs' allegations...
The Allegations of Noncompliance with the Administrative Procedure Act The Department of Commerce's decision to place Changji on the Entity List...