DCMA’s Cybersecurity Oversight Takes Shape: Revised CPSR Guidebook Outlines DFARS Safeguarding Clause Audit Standards

Client Alert | 1 min read | 03.06.19

Following guidance issued by Under Secretary of Defense Lord, the Defense Contract Management Agency (DCMA) has revised its Contractor Purchasing System Review (CPSR) Guidebook to incorporate new standards DCMA auditors will use to assess contractor supply chain management under the DFARS Safeguarding Clause 252.204-7012. Notably, the new standards require contractors to “validate” that their subcontractors have information systems “that can receive and protect” Covered Defense Information (CDI) and to “determine” whether subcontractor systems are “acceptable.” Other new standards require contractors to demonstrate:

How CDI is properly marked and securely transferred to subcontractors; and
How subcontractor notifications regarding requests to vary from the NIST requirements and the submission of cyber incident reports are managed and documented.

The revisions also emphasize that 252.204-7012 is not an indiscriminate flowdown and applies only where the subcontractor will be utilized for operationally critical support or performing duties that involve CDI.

Contacts

Evan D. Wolff
Partner
He/Him/His
- Washington, D.C.
  - D | +1.202.624.2615
ZXdvbGZmQGNyb3dlbGwuY29t
Maida Oringher Lerner
Senior Counsel
She/Her/Hers
- Washington, D.C.
  - D | +1.202.624.2596
bWxlcm5lckBjcm93ZWxsLmNvbQ==
Christopher D. Garcia
Counsel
- Washington, D.C.
  - D | +1.202.688.3450
Y2dhcmNpYUBjcm93ZWxsLmNvbQ==
Nicole Owren-Wiest
Partner
She/Her/Hers
- Washington, D.C.
  - D | +1.202.624.2863
bm93cmVud2llc3RAY3Jvd2VsbC5jb20=
Michael G. Gruden
Partner
- Washington, D.C.
  - D | +1.202.624.2545
bWdydWRlbkBjcm93ZWxsLmNvbQ==

Insights

Client Alert | 8 min read | 06.06.25

Litigation Funding Reforms: Clarity for UK Funders and Litigants Post-PACCAR

On 2 June 2025 the Civil Justice Council (a UK public body that advises on civil justice and civil procedure) (“CJC”) issued its Review of Litigation Funding Final Report (the “Report”). The CJC has provided comprehensive recommendations on the regulation and reform of litigation funding in England and Wales. The highlight recommendation of the Report is for the UK Government to remove third party litigation funding from the regulations and requirements of the Damages-Based Agreements Regulations 2013 (“DBA Regulations”), reversing the judgment of the Supreme Court in PACCAR.[1] Meanwhile, the UK Court of Appeal has recently endorsed a position that the Competition Appeal Tribunal (“CAT”) may order that third party funders of collective proceedings be paid first from litigation proceeds before claimants according to waterfall provisions in their funding agreements....

Client Alert | 2 min read | 06.06.25
Supreme Court Dismisses Cert Petition On Uninjured Class Members As Improvidently Granted
Client Alert | 2 min read | 06.06.25
Supreme Court Unanimously Rejects Sixth Circuit’s “Background Circumstances” Requirement For “Reverse Discrimination” Cases
Client Alert | 2 min read | 06.06.25
USPTO Director Clarifies Burden on IPR Petitioners Relying on Prior Art Cited During Prosecution

View All Insights