DoD Issues Long-Awaited Interim Rule on Cyber Requirements and Cloud Services

Client Alert | 1 min read | 09.03.15

As discussed in our recent blog post, on August 26, DoD published an Interim Rule that would expand the already onerous requirements of the DFARS Safeguarding Clause by broadening its application to "covered defense information" and by requiring subcontractors to report cyber incidents directly to DoD. As discussed in a separate blog post, the Interim Rule also seeks to ensure uniformity in the DoD's IT acquisition and use of cloud computing services by adding T&C's, including that, unless otherwise authorized, cloud service providers must maintain all government data within the U.S., outlying areas, or DoD premises.

Contacts

Peter Eyre
Partner
He/Him/His
- Washington, D.C.
  - D | +1.202.624.2807
cGV5cmVAY3Jvd2VsbC5jb20=
Olivia Lynch
Partner
- Washington, D.C.
  - D | +1.202.624.2654
b2x5bmNoQGNyb3dlbGwuY29t
Kate M. Growley
Partner, Crowell Global Advisors Senior Director
- Washington, D.C.
  - D | +1.202.624.2698
- Washington, D.C. (CGA)
  - D | +1 202.624.2500
a2dyb3dsZXlAY3Jvd2VsbC5jb20=

Insights

Client Alert | 4 min read | 01.07.26

FDA Request for Information Signals New Path for VC Firms and their Portfolio Companies in Federal Contracting

On December 17, 2025, the U.S. Food and Drug Administration (FDA) issued a request for information (RFI) on a proposal designed to help the FDA engage more directly with innovative, venture-backed companies focused on biotechnology, medical devices, AI, and regulatory technology.[i]The RFI includes 19 questions, with responses due by 2:00 p.m. ET on January 18, 2026....

Client Alert | 3 min read | 01.07.26
CMMC for AI? Defense Policy Law Imposes AI Security Framework and Requirements on Contractors
Client Alert | 3 min read | 01.07.26
New Year, Same CIPA Uncertainty – When Will the Appellate Courts Enter the Chat?
Client Alert | 11 min read | 01.07.26
The Month in International Trade – December 2025

View All Insights