Skip to content

Menu

LexBlog, Inc. logo
CommunitySub-MenuPublishersChannelsProductsSub-MenuBlog ProBlog PlusBlog PremierMicrositeSyndication PortalsAboutContactResourcesSubscribeSupport
Join
Search
Close

New DFARS Safeguards and Reporting Requirements

By David Bodenheimer, David C. Hammond & Evan D. Wolff on December 11, 2013
Email this postTweet this postLike this postShare this post on LinkedIn

A DFARS final rule (Nov. 18, 2013) on the safeguarding of unclassified, controlled technical information requires contractors, among other things, to report within 72 hours of discovery any “cyber incident” (an action that results in an actual or potentially adverse affect on an information system and/or the information residing therein), preserve relevant data for at least 90 days, conduct an internal review of its network for evidence and extent of any compromise of data, cooperate with DoD “damage assessments,” and flow the clause down to subcontractors (even for commercial items) — all at the contractor’s own cost. Given the rampant intellectual property and technology losses due to cyber espionage and other thefts documented in Congressional hearings, intelligence assessments, and industry reports this year, these DFARS requirements will apply additional pressure upon contractors to amend their existing compliance policies and procedures to address how to respond to a cyber incident and comply with these regulations.

Photo of David C. Hammond David C. Hammond

David Hammond advises, litigates on behalf of, and represents domestic and foreign government contractors before all three branches of the federal government. . In over 30 years of experience, he has developed particular expertise in advising companies regarding complex and difficult situations arising…

David Hammond advises, litigates on behalf of, and represents domestic and foreign government contractors before all three branches of the federal government. . In over 30 years of experience, he has developed particular expertise in advising companies regarding complex and difficult situations arising from the performance of U.S. government contracts in foreign countries, especially involving allegations of foreign government corruption and related defense and risk mitigation strategies. He has successfully represented defense, security, intelligence, and aerospace companies in matters involving awards and protests, internal investigations, voluntary and mandatory disclosures, Congressional investigations and hearings, false claims, suspension and debarment, industrial security, international procurements, joint venture and teaming agreements, and prime-subcontractor disputes. He was the founding Chair of the Government and Legal Affairs Committee of the International Stability Operations Association. He has litigated government contract disputes and other procurement matters before the United States Court of Appeals for the Federal Circuit, Federal District Courts, the Government Accountability Office, the Armed Services Board of Contract Appeals, the Civilian Board of Contract Appeals, the Small Business Administration, and state administrative agencies.

Read more about David C. HammondEmail
Show more Show less
Photo of Evan D. Wolff Evan D. Wolff

Evan D. Wolff is a partner in Crowell & Moring’s Washington, D.C. office, where he is co-chair of the firm’s Chambers USA-ranked Privacy & Cybersecurity Group and a member of the Government Contracts Group. Evan has a national reputation for his deep technical…

Evan D. Wolff is a partner in Crowell & Moring’s Washington, D.C. office, where he is co-chair of the firm’s Chambers USA-ranked Privacy & Cybersecurity Group and a member of the Government Contracts Group. Evan has a national reputation for his deep technical background and understanding of complex cybersecurity legal and policy issues. Calling upon his experiences as a scientist, program manager, and lawyer, Evan takes an innovative approach to developing blended legal, technical, and governance mechanisms to prepare companies with rapid and comprehensive responses to rapidly evolving cybersecurity risks and threats. Evan has conducted training and incident simulations, developed response plans, led privileged investigations, and advised on hundreds of data breaches where he works closely with forensic investigators. Evan also counsels businesses on both domestic and international privacy compliance matters, including the EU General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA). He is also a Registered Practitioner under the Cybersecurity Maturity Model Certification (CMMC) framework.

Read more about Evan D. WolffEmail
Show more Show less
  • Posted in:
    Privacy & Data Security
  • Blog:
    Data Law Insights
  • Organization:
    Crowell & Moring LLP
  • Article: View Original Source

LexBlog, Inc. logo
Facebook LinkedIn Twitter RSS
Real Lawyers
99 Park Row
  • About LexBlog
  • Careers
  • Press
  • Contact LexBlog
  • Privacy Policy
  • Editorial Policy
  • Disclaimer
  • Terms of Service
  • RSS Terms of Service
  • Products
  • Blog Pro
  • Blog Plus
  • Blog Premier
  • Microsite
  • Syndication Portals
  • LexBlog Community
  • 1-800-913-0988
  • Submit a Request
  • Support Center
  • System Status
  • Resource Center

New to the Network

  • International Dispute Resolution
  • China Law Update Blog
  • Law of The Ledger
  • Antitrust Law Blog
  • Your ERISA Watch
Copyright © 2022, LexBlog, Inc. All Rights Reserved.
Law blog design & platform by LexBlog LexBlog Logo