DoD's Own Cyber Monday Deal: Releasing DFARS Cyber Enhancement Guidance
Client Alert | 1 min read | 11.27.18
Just in time for the holidays, the Defense Department published final guidance to the DoD acquisition community that details strategies to enhance existing cybersecurity requirements for Covered Defense Information (CDI) provided by the DFARS Safeguarding Clause 252.204-7012. The DoD’s guidance contains two documents that clarify how DoD will communicate their cybersecurity expectations to contractors, including where those expectations exceed what the DFARS Safeguarding Clause requires:
- Guidance for Reviewing System Security Plans (SSPs) outlines how the DoD expects to evaluate contractor SSPs, including the preferred method of meeting each NIST security control and the anticipated consequences of not yet having implemented those controls.
- Guidance for Assessing Compliance and Enhancing Protections provides objectives that requiring activities can tailor to assess contractors’ safeguarding of CDI, including how to incorporate compliance with NIST SP 800-171 and supply chain management as evaluation criteria in solicitations.
Contacts
Senior Counsel
She/Her/Hers
Insights
Client Alert | 4 min read | 08.30.24
The Texas Supreme Court recently released its decision in In re Dallas County, affirming the constitutionality of the newly-created Fifteenth Court of Appeals. The Fifteenth will be a statewide court of appeals with jurisdiction over Texas’s new business court for disputes valued over $10 million and appeals where the State or a State agency or university is a named party.
Client Alert | 6 min read | 08.29.24
HHS Proposes Using Procurement Policy to Push Health IT Standards
Client Alert | 3 min read | 08.28.24
Client Alert | 36 min read | 08.27.24
