DoD Meets Contractors Half-Way at Industry Information Day
Client Alert | 1 min read | 06.28.17
On June 23, the Department of Defense hosted its highly anticipated Industry Information Day to respond to feedback received from the contracting community regarding last year’s finalization of DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting. Top of mind for many in attendance was the looming end-of-year deadline to implement NIST SP 800-171, including its requirements regarding multifactor authentication. By the end of the session, however, DoD representatives repeatedly stated that contractors may use system security plans (SSPs) and plans of action and milestones (POAMs) to document their anticipated implementation of the required controls and thus comply with the Clause – even if the actual implementation of those controls extends beyond 2017. A revised set of FAQs is expected next month, which should provide additional details regarding this new guidance.
Insights
Client Alert | less than 1 min read | 03.13.24
Crowell Talks Tax: The Inflation Reduction Act's Domestic Content Bonus Credits (VIDEO)
Client Alert | 8 min read | 03.13.24
HHS Finalizes Significant Modifications Aligning Part 2 Regulations with HIPAA
Client Alert | 1 min read | 03.12.24
Client Alert | 3 min read | 03.11.24
DOJ Offers Cash “Carrot” to Whistleblowers; Foreshadows “Stick” of More Corporate Enforcement