DOD Proposed New Cybersecurity Rules

Client Alert | 1 min read | 03.08.10

On March 3, DoD issued a notice of, and requested comments on, proposed rules levying information security requirements for safeguarding unclassified "DoD information" and reporting security breaches when contractors and subcontractors may have such information "resident on or transiting" their information systems. The proposed rule not only mandates that contractors "shall provide adequate security to safeguard DoD information," but also (1) requires flowdown to subcontractors; (2) establishes extreme standards in some areas (e.g., "best level of security and privacy available"); (3) incorporates National Institute of Standards and Technology (NIST) standards in some areas, but not others; and (4) acknowledges that the contractor will still need to comply with all other applicable security standards, such as "CPI, PII, For Official Use Only, Privacy Act, ITAR, EAR, and HIPAA."

Contacts

Adelicia R. Cliffe
Partner
She/Her/Hers
- Washington, D.C.
  - D | +1.202.624.2816
YWNsaWZmZUBjcm93ZWxsLmNvbQ==

Insights

Client Alert | 6 min read | 01.16.26

Trump Administration Rolls Out New DOJ Division for National Fraud Enforcement

On January 8, 2026, the Trump Administration announced the creation of a new Division for National Fraud Enforcement within the Department of Justice (DOJ). The division will be led by a newly appointed Assistant Attorney General (AAG), pending Senate confirmation, who will report directly to both the President and Vice President and operate out of the White House. Such a reporting structure is unprecedented in the history of the DOJ....

Client Alert | 4 min read | 01.15.26
Access to Public Domain Documents Pilot: Practice Direction 51ZH
Client Alert | 4 min read | 01.14.26
PFAS Reporting Gets Real in 2026
Client Alert | 3 min read | 01.13.26
Colorado Judge Quashes DOJ Gender-Related Care Subpoena

View All Insights