DoD Issues Long-Awaited Interim Rule on Cyber Requirements and Cloud Services
September 3, 2015
As discussed in our recent blog post, on August 26, DoD published an Interim Rule that would expand the already onerous requirements of the DFARS Safeguarding Clause by broadening its application to "covered defense information" and by requiring subcontractors to report cyber incidents directly to DoD. As discussed in a separate blog post, the Interim Rule also seeks to ensure uniformity in the DoD's IT acquisition and use of cloud computing services by adding T&C's, including that, unless otherwise authorized, cloud service providers must maintain all government data within the U.S., outlying areas, or DoD premises.
For more information, please contact the professional(s) listed below, or your regular Crowell & Moring contact.