Last week, Dell released the results of its 2016 online survey of the state of IT trends in the federal government. The survey’s 100 participants were IT decision-makers and business decision-makers, and it was part of a larger international report on global IT decision-making in the public and private sector. The survey found that federal agencies are still largely reluctant to use cloud-based…
In a move that reflects the federal government’s continuing emphasis on the security of cyber networks and content, the Department of Homeland Security (DHS) recently published a unified statement instructing private sector entities on the basics of reporting cyber incidents.
According to the statement, private entities that fall prey to cyber incidents can benefit from federal government…
On May 18, the Office of the Undersecretary for Defense, Acquisition, Technology and Logistics (OUSD/AT&L) released its Acquisition Compliance Scorecard for the second quarter of fiscal year 2016. The report analyzed several Department of Defense (DoD) Agencies’ compliance with procurement regulations in three areas: competition, past performance, and including the new DFARS clause 252.204-7012,…
The Department of Defense (DoD), General Services Administration (GSA), and National Aeronautics and Space Administration (NASA) recently issued a final rule aimed at ensuring a basic level of protection for covered contractor information systems. The new rule is just one in a series of regulatory actions being taken or planned to strengthen protections for information systems. It is intended to…
As the Government’s interest in information security steadily grows, many contractors are learning to comply with a dizzying array of data security requirements. Contractors expect to see even more data security rules and are gearing up to respond to the expected challenges. But many contractors have not given much thought to how the Government’s information security requirements…
On February 13, 2015, President Barack Obama issued an executive order (Order) intended to encourage the sharing of information related to cybersecurity risks and incidents within the private sector and between the private sector and government. Building upon the foundation established by Executive Order 13636 (Improving Critical Infrastructure Cybersecurity), and Presidential Policy…
The Department of Justice recently announced that Mozaffar Khazaee has pleaded guilty to violating the Arms Export Control Act. DOJ Announcement. The violation occurred when Khazaee sent “sensitive, proprietary, trade secret and export controlled material relating to military jet engines for the U.S. Air Force’s F35 Joint Strike Fighter program and the F-22 Raptor program” to…
The National Institute of Standards and Technology recently issued a draft of Special Publication 800-171, “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations.” The new document contains security requirements applicable “to nonfederal information systems (or components of nonfederal systems) and organizations that process, store, or transmit…
Last week, members of the House and Senate agreed to retain draft language in the 2015 National Defense Authorization Act (2015 NDAA) bill that would amend Title 10 of the U.S. Code to require “operationally critical” Defense contractors to promptly report “cyber incidents” to the Department of Defense (DoD). The proposed statutory change comes as a result of a yearlong Senate committee…
A 54-year-old Virginia executive, Mark Farmer, was indicted in October for allegedly providing things of value to the former director of two Ohio Veterans Affairs (VA) Medical Centers. The alleged quid pro quo was that, in exchange for these items of value, the VA director provided confidential information to Farmer about various VA construction projects. The charges in the…
DoD just issued an interim final rule for the protection of classified information disclosed to or developed by government contractors. The rule (i) implements policy, (ii) assigns responsibilities, (iii) establishes requirements, and (iv) provides procedures to protect this information. Among other things, the new rule establishes criteria for determining whether a contractor is…
On February 12, 2014, the National Institute of Standards and Technology (NIST) released the long-awaited Cybersecurity Framework Version 1.0. According to NIST, the framework allows organizations, regardless of size, degree of cyber risk or cybersecurity sophistication, to apply the principles and best practices of risk management to improve the security and resilience…