DOD Proposed New Cybersecurity Rules
Client Alert | 1 min read | 03.08.10
On March 3, DoD issued a notice of, and requested comments on, proposed rules levying information security requirements for safeguarding unclassified "DoD information" and reporting security breaches when contractors and subcontractors may have such information "resident on or transiting" their information systems. The proposed rule not only mandates that contractors "shall provide adequate security to safeguard DoD information," but also (1) requires flowdown to subcontractors; (2) establishes extreme standards in some areas (e.g., "best level of security and privacy available"); (3) incorporates National Institute of Standards and Technology (NIST) standards in some areas, but not others; and (4) acknowledges that the contractor will still need to comply with all other applicable security standards, such as "CPI, PII, For Official Use Only, Privacy Act, ITAR, EAR, and HIPAA."
Contacts
Partner
She/Her/Hers
Insights
Client Alert | 4 min read | 08.20.25
FAR Council Issues Rewrites to FAR Parts 8 and 12
On August 14, 2025, the Office of Federal Procurement Policy (OFPP) and the Federal Acquisition Regulatory Council (FAR Council) issued draft revisions to FAR Part 8 and FAR Part 12 (as well as to FAR Parts 4 and 40). These are the latest rewrites under the Revolutionary FAR Overhaul (RFO) initiative pursuant to Executive Order 14275, “Restoring Common Sense to Federal Procurement,” which we previously reported on here.
Client Alert | 15 min read | 08.20.25
Client Alert | 2 min read | 08.19.25
Client Alert | 4 min read | 08.19.25
Forged Faces, Real Liability: Deepfake Laws Take Effect in Washington State and Pennsylvania
