All Alerts & Newsletters

NASA Proposes Cyber Lock-Down On Contractors


Following an outbreak of highly publicized information security breaches ripping through the federal government and prompting new OMB "get-tough" directives, NASA is proposing a new crackdown on contractors that "(1) have physical or electronic access to NASA's computer systems, networks, or IT infrastructure; or (2) use information systems to generate, store, or exchange data with NASA or on behalf of NASA." 71 Fed. Reg. 43408 (Aug. 1, 2006) Under these proposed rules, NASA contractors face a variety of new and expanded cyber requirements that generally add cost and risk to contract performance, including: (1) submitting IT "Security Plans" compliant with National Institute of Standards and Technology (NIST) SP 800-18; (2) performing "Risk Assessments" consistent with Federal Information Processing Standards Publication (FIPS) 199; (3) preparing contingency plans per NIST SP 800-34; (4) conducting annual IT security training; and (5) assuring that contractor personnel with access to NASA IT systems have National Agency Check with Inquiries (NACI) screening.

Email Twitter LinkedIn Facebook Google+

For more information, please contact the professional(s) listed below, or your regular Crowell & Moring contact.

David Z. Bodenheimer
Partner – Washington, D.C.
Phone: +1 202.624.2713

John E. McCarthy Jr.
Partner – Washington, D.C.
Phone: +1 202.624.2579