DoD's Own Cyber Monday Deal: Releasing DFARS Cyber Enhancement Guidance
Client Alert | 1 min read | 11.27.18
Just in time for the holidays, the Defense Department published final guidance to the DoD acquisition community that details strategies to enhance existing cybersecurity requirements for Covered Defense Information (CDI) provided by the DFARS Safeguarding Clause 252.204-7012. The DoD’s guidance contains two documents that clarify how DoD will communicate their cybersecurity expectations to contractors, including where those expectations exceed what the DFARS Safeguarding Clause requires:
- Guidance for Reviewing System Security Plans (SSPs) outlines how the DoD expects to evaluate contractor SSPs, including the preferred method of meeting each NIST security control and the anticipated consequences of not yet having implemented those controls.
- Guidance for Assessing Compliance and Enhancing Protections provides objectives that requiring activities can tailor to assess contractors’ safeguarding of CDI, including how to incorporate compliance with NIST SP 800-171 and supply chain management as evaluation criteria in solicitations.
Contacts
Partner, Crowell Global Advisors Senior Director
- Washington, D.C.
- D | +1.202.624.2698
- Washington, D.C. (CGA)
- D | +1 202.624.2500
Insights
Client Alert | 4 min read | 03.04.26
Sixth Circuit Finds EFAA Arbitration Bar to Entire Case — Not Just Sexual Harassment Claims
The United States Court of Appeals for the Sixth Circuit held, in an issue of first impression for that court, that the Ending Forced Arbitration of Sexual Assault and Sexual Harassment Act of 2021 (EFAA) renders an employer’s pre-dispute arbitration agreement unenforceable as to a plaintiff's entire lawsuit, whenever the lawsuit includes a viable sexual harassment claim.
Client Alert | 3 min read | 03.02.26
Client Alert | 4 min read | 03.02.26
Client Alert | 3 min read | 02.27.26
