“Miss Me with Rev. 3,” Says DoD: DoD Issues Class Deviation Linking DFARS 7012 to NIST SP 800-171, Rev. 2

Client Alert | 1 min read | 05.03.24

On May 2, 2024, the Department of Defense (DoD) issued a class deviation to DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting (DFARS 7012), specifying that contractors subject to the clause must comply with NIST SP 800-171, Revision 2. The deviation (labeled Deviation 2024-O0013) will delay the incorporation of NIST SP 800-171, Revision 3—which is set to be finalized in the next few weeks—into DFARS 7012.

The standard version of DFARS 7012 does not identify a specific NIST SP 800-171 Revision number, and has been interpreted by DoD as requiring compliance with NIST SP 800-171’s most current Revision. But with Revision 3’s final release looming, DoD has directed contracting officers to use Deviation 2024-O0013 in place of the standard clause moving forward, linking DFARS 7012 to Revision 2 for the time being.

In a press release announcing the deviation, DoD stated that the “intent of this class deviation is to provide industry time for a more deliberate transition upon the forthcoming release of [NIST SP 800-171, Revision 3].”

It is unclear when DoD plans to adopt Revision 3. However, contractors should take advantage of DoD’s reprieve to get familiar with Revision 3, as the DoD has previously indicated that it intends to incorporate NIST SP 800-171’s newest revision into both DFARS 7012 and its forthcoming Cyber Maturity Model Certification (CMMC) program.

Contacts

Michael G. Gruden
Partner
- Washington, D.C.
  - D | +1.202.624.2545
bWdydWRlbkBjcm93ZWxsLmNvbQ==
Nkechi Kanu
Partner
- Washington, D.C.
  - D | +1 202.624.2872
bmthbnVAY3Jvd2VsbC5jb20=
Jacob Harrison
Associate
He/Him/His
- Washington, D.C.
  - D | +1.202.624.2533
amhhcnJpc29uQGNyb3dlbGwuY29t

Insights

Client Alert | 3 min read | 10.15.25

Developers Adapt Timelines and Strategies for Wind and Solar Projects Following Recent IRS Guidance and Expected IRS Enforcement Activity

On August 15, 2025, the Treasury Department and IRS released updated guidance concerning Beginning of Construction requirements to qualify for clean energy tax credits. This new guidance is critical for developers to consider as they rush to qualify for the tax credits before they expire entirely. The much-anticipated guidance followed the July 7, 2025 Executive Order 14315, Ending Market Distorting Subsidies for Unreliable, Foreign-Controlled Energy Sources (“July 7, 2025 Executive Order”), which signaled that the Trump Administration was planning to strictly enforce the termination of production and investment tax credits for solar and wind facilities that are set to expire under the One Big Beautiful Bill Act (OBBB Act), covered in more detail here. The new guidance comes at a time when many in the industry are struggling to keep up with the myriad ways that the new administration is working to roll back wind and solar tax credits, leaving developers to piece through the recent guidance to determine how best to structure and invest in clean energy projects given the volatile position of the current administration vis-a-vis wind and solar energy....

Client Alert | 10 min read | 10.15.25
Understanding the EU’s International Procurement Instrument
Client Alert | 4 min read | 10.14.25
Amici Urge SCOTUS to Walk Back Fourth Circuit Decision on Contributory Liability for Copyright Infringement
Client Alert | 35 min read | 10.13.25
Building Blocks of Design Law: CJEU rules on LEGO Group Modular Design Protection

View All Insights