The Wait Is Over: Final DFARS Safeguarding Rule Published Today
Client Alert | 1 min read | 10.21.16
Almost three years after its first iteration was published, DoD has finalized the DFARS Safeguarding Rule and corresponding DFARS clauses regarding the protection of “covered defense information” provided to or generated by defense contractors. Effective today, the Final Rule by and large reflects the same requirements of its interim versions and FAQs but with a few notable exceptions, including the definition of “covered defense information” now encompasses all forms of “controlled unclassified information” and thus aligns with the National Archive’s recent final rule, external cloud services housing covered defense information must comply with certain FedRAMP security requirements, and subcontractors must notify their primes when requesting variances from the security controls of NIST Special Publication 800-171.
Contacts
Partner, Crowell Global Advisors Senior Director
- Washington, D.C.
- D | +1.202.624.2698
- Washington, D.C. (CGA)
- D | +1 202.624.2500
Insights
Client Alert | 3 min read | 03.12.26
DOJ Releases First-Ever Department-Wide Corporate Enforcement and Voluntary Self-Disclosure Policy
On March 10, 2026, the Department of Justice released the first-ever Department-wide Corporate Enforcement and Voluntary Self-Disclosure Policy (the “Department-wide CEP” or “Policy”), which applies to all non-antitrust corporate criminal cases across the Department. The new policy has been anticipated since December 2025, when Deputy Attorney General Todd Blanche announced the Department’s plans to release a new, single corporate enforcement policy for all criminal matters. According to the Department, the new policy is designed to “help ensure consistency across the Department” and “transparently describe the Department’s policies and decisionmaking.”
Client Alert | 2 min read | 03.11.26
Client Alert | 3 min read | 03.11.26
Civil Litigation as a First-Response Strategy: The UK Government's Fraud Strategy 2026–2029
