DCMA’s Cybersecurity Oversight Takes Shape: Revised CPSR Guidebook Outlines DFARS Safeguarding Clause Audit Standards

Client Alert | 1 min read | 03.06.19

Following guidance issued by Under Secretary of Defense Lord, the Defense Contract Management Agency (DCMA) has revised its Contractor Purchasing System Review (CPSR) Guidebook to incorporate new standards DCMA auditors will use to assess contractor supply chain management under the DFARS Safeguarding Clause 252.204-7012. Notably, the new standards require contractors to “validate” that their subcontractors have information systems “that can receive and protect” Covered Defense Information (CDI) and to “determine” whether subcontractor systems are “acceptable.” Other new standards require contractors to demonstrate:

How CDI is properly marked and securely transferred to subcontractors; and
How subcontractor notifications regarding requests to vary from the NIST requirements and the submission of cyber incident reports are managed and documented.

The revisions also emphasize that 252.204-7012 is not an indiscriminate flowdown and applies only where the subcontractor will be utilized for operationally critical support or performing duties that involve CDI.

Contacts

Christopher D. Garcia
Counsel
- Washington, D.C.
  - D | +1.202.688.3450
Y2dhcmNpYUBjcm93ZWxsLmNvbQ==
Nicole Owren-Wiest
Partner
She/Her/Hers
- Washington, D.C.
  - D | +1.202.624.2863
bm93cmVud2llc3RAY3Jvd2VsbC5jb20=
Michael G. Gruden
Partner
- Washington, D.C.
  - D | +1.202.624.2545
bWdydWRlbkBjcm93ZWxsLmNvbQ==
Kate M. Growley
Partner, Crowell Global Advisors Senior Director
- Washington, D.C.
  - D | +1.202.624.2698
- Washington, D.C. (CGA)
  - D | +1 202.624.2500
a2dyb3dsZXlAY3Jvd2VsbC5jb20=

Insights

Client Alert | 2 min read | 11.14.25

Defining Claim Terms by Implication: Lexicography Lessons from Aortic Innovations LLC v. Edwards Lifesciences Corporation

Claim construction is a key stage of most patent litigations, where the court must decide the meaning of any disputed terms in the patent claims. Generally, claim terms are given their plain and ordinary meaning except under two circumstances: (1) when the patentee acts as its own lexicographer and sets out a definition for the term; and (2) when the patentee disavows the full scope of the term either in the specification or during prosecution. Thorner v. Sony Comput. Ent. Am. LLC, 669 F.3d 1362, 1365 (Fed. Cir. 2012). The Federal Circuit’s recent decision in Aortic Innovations LLC v. Edwards Lifesciences Corp. highlights that patentees can act as their own lexicographers through consistent, interchangeable usage of terms across the specification, effectively defining terms by implication....

Client Alert | 6 min read | 11.14.25
Microplastics Update: Regulatory and Litigation Developments in 2025
Client Alert | 6 min read | 11.14.25
Relevancy Reigns, But IRS Prevails: Tax Court Holds in Patel Case that Threshold Relevancy Determination Required Prior to Application of Codified Economic Substance Doctrine
Client Alert | 6 min read | 11.13.25
FTC and NAD Enforcement Priorities & ANA 2025

View All Insights