Government Contracts Legal Blog

Covered Defense Information

Posted by Joseph Whitcomb on Oct 3, 2017 1:15:20 PM
Joseph Whitcomb

 

New Guidance Issued by Department of Defense Regarding Cybersecurity Regulations for All Defense Contractors

DFAS_Seal_10DEC15.png

 

A new clause in the Defense Federal Acquisition Regulations Supplement was added on 9/17/2017; DFARS 252.204-7012 - It describes how Covered Defense Information (CDI) must be protected inside the contractor's system(s) and their use of the cloud. This is a new clause for government procurement personnel and contracting officers, issued by the Office of the Under Secretary of Defense.

Many U.S. defense contractors, especially small and medium-sized businesses have been struggling with the strict regulations that are designed to protect Covered Defense Information (CDI). This new category of information refers to unclassified information that is considered sensitive. This new clause is now included in all DoD solicitations other than Commercial-Off-the-Shelf (COTS) Procurements. It stipulates that all defense contractors who handle CDI must be compliant with the wide-ranging set of security controls including all of the requirements prescribed in the NIST Special Publication 800-171; "Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations." Compliance must be met no later than December 31, 2017. (More details and resource links are available at www.eresilience.com/dfars-7012)

Get Government Contract  Legal Help NOW!
The new guidance issued by Office of the Secretary of Defense encourages all contracting officers to specify what type of information will be considered to be CDI under the contract. It also recommends contractors perform careful assessments to determine needed infrastructural and organizational changes that will be required for their systems, policies, and procedures that will be necessary to meet the DFARS compliance requirements. These can include identifying where in-house efforts are needed and when assistance from qualified third parties with expertise and certifications in complex NIST cybersecurity implementations may be necessary.

Do You Need Legal Advice from an Experienced

Government Contract Law Firm?

Navigating cyber-security and its application to government contracts can be a challenge. There are various legal regulations and considerations at play, which can make it difficult to understand the proper course of action. But a knowledgeable government attorney can make all of the difference, helping you avoid pitfalls and resolve any issues that might arise. 

If you are in need of assistance with government contracts or other related matters, please do not hesitate to contact Whitcomb, Selinsky, McAuliffe, PC immediately. Located in Denver, Colorado, you can reach the attorneys at Whitcomb, Selinsky, McAuliffe, PC by phone at (303) 534-1958 or online by completing a simple form. 

 

Topics: Government Contracting

Government Contracting is not for the uninformed

Tune in here for the latest in legal news surrounding government contracting

Whitcomb Law, PC is dedicated to helping government contractors extract all the benefits that can be derived from doing business with federal, state, and local governments.  We strive to provide content on this blog that is up-to-date, relevant, and easy to read.  We enjoy reading your feedback especially when it helps us improve the way in which we serve you.

Our sources of information include

  • Recent rulings by the Court of Federal Claims
  • FAR Council
  • SBA rule makers
  • Center for Verification and Eligibility
  • News media
  • Our Clients

Subscribe to Our Legal Blog