DoD's New Year's Gift: More Time to Meet Cyber Safeguarding Requirements

Client Alert | 1 min read | 12.30.15

On December 30, DoD issued an interim rule amending the DFARS Safeguarding Rule in several respects, including to provide contractors up to December 31, 2017, to comply with the security control requirements identified in DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting, and detailed in NIST Special Publication 800-171, Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations. Despite the additional time to comply, within 30 days of contract award, contractors must still notify the DoD Chief Information Officer of any NIST SP 800-171 security requirements not yet implemented.

Contacts

Kate M. Growley
Partner, Crowell Global Advisors Senior Director
- Washington, D.C.
  - D | +1.202.624.2698
- Washington, D.C. (CGA)
  - D | +1 202.624.2500
a2dyb3dsZXlAY3Jvd2VsbC5jb20=

Insights

Client Alert | 4 min read | 01.14.26

PFAS Reporting Gets Real in 2026

State regulation of PFAS-containing products will ramp up significantly in 2026. Most notably, companies will have to comply with Minnesota’s sweeping new product-reporting requirements. As we explain below, Minnesota’s requirements cast a wide net, capturing companies that may not sell products directly into the state. This and other features of the state’s reporting program are likely to present significant compliance challenges for a wide range of businesses....

Client Alert | 3 min read | 01.13.26
Colorado Judge Quashes DOJ Gender-Related Care Subpoena
Client Alert | 7 min read | 01.13.26
New rules in relation to work incapacity Strengthened Return-to-Work Policy and Reintegration Trajectory 3.0: What Changes as of 1 January 2026
Client Alert | 4 min read | 01.13.26
NIST Releases Draft Framework for AI Cybersecurity, Solicits Public Comment: What Organizations Using or Deploying AI Should Know

View All Insights