DoD's New Year's Gift: More Time to Meet Cyber Safeguarding Requirements

Client Alert | less than 1 min read | 12.30.15

On December 30, DoD issued an interim rule amending the DFARS Safeguarding Rule in several respects, including to provide contractors up to December 31, 2017, to comply with the security control requirements identified in DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting, and detailed in NIST Special Publication 800-171, Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations. Despite the additional time to comply, within 30 days of contract award, contractors must still notify the DoD Chief Information Officer of any NIST SP 800-171 security requirements not yet implemented.

Contacts

Kate M. Growley
Partner and Crowell Global Advisors Senior Director
- Washington, D.C.
  - D | +1.202.624.2698
- Washington, D.C. (CGA)
  - D | +1 202.624.2500
a2dyb3dsZXlAY3Jvd2VsbC5jb20=

Insights

Client Alert | 3 min read | 05.14.26

CISA’s “CI Fortify” Initiative Signals New Expectations for Critical Infrastructure Resilience: What Operators and Vendors Need to Know

On May 5, 2026, CISA announced CI Fortify — an initiative directing critical infrastructure owners and operators to prepare for geopolitical conflict in which OT networks are actively targeted while communications infrastructure is simultaneously degraded....

Client Alert | 4 min read | 05.14.26
No-Fly Zones for Drones: FAA Proposes New Rules Over Critical Infrastructure
Client Alert | 2 min read | 05.14.26
Proposed DFARS Rule Could Require Disclosures and Mitigation Related to Foreign Ownership, Control, and Influence (FOCI) on Certain Unclassified Contracts
Client Alert | 4 min read | 05.14.26
Supply Chain Disruption – Again

View All Insights