Following the release of GAO and Congressional reports detailing counterfeit electronic parts in the Department of Defense (“DoD”) supply chain, Congress and the executive branch have made DoD supply chain security a priority. As part of the Government’s comprehensive approach to improving supply chain security for DoD, previously blogged about here and here, Congress passed legislation containing new reporting requirements for contractors who discover counterfeit or suspected counterfeit parts. The Government – Industry Data Exchange Program, or “GIDEP,” is a joint U.S. – Canadian program, funded by both governments, is currently DoD’s designated reporting organization for counterfeit parts.
Continue Reading

The past year has showcased major developments in cybersecurity: unprecedented thefts and attacks, with losses estimated in the hundreds of billions of dollars; expanding sector-specific cybersecurity statutes and regulations; and a sweeping Executive Order on cybersecurity for critical infrastructure followed by a recent push for cyber intelligence sharing from Congress. Expect even more significant developments

The FAR Council issued a proposed rule on March 7, 2013, that would amend the FAR to mirror recent changes to the Small Business Administration’s procedures for protests and appeals of small business size and status determinations.  The rule also seeks to provide uniformity for protests and appeals of status as a HUBZone small business concern, Service-Disabled Veteran-Owned Small Business (“SDVOSB”), Economically Disadvantaged Women-Owned Small Business (“EDWOSB”), or Women-Owned Small Business (“WOSB”).  Finally, the proposed rule also includes several other revisions, including changes to the requirements of the “nonmanufacturer rule,” updates to small business status following size determinations, and guidance on NAICS determinations.

Size Protests & Appeals.  The new rule would increase the time (from 10 to 15 days) for the SBA to make a size determination of a protested business concern.  It would also provide the contracting officer with the authority and discretion to authorize more time for the SBA to make its determination, and to award contracts, if necessary, when the SBA has not completed its determinations within 15 days.  For appeals, the proposed rule clarifies that it is entirely within the discretion of the SBA’s Office of Hearing and Appeals (“OHA”) whether to hear an appeal of a size determination, and within the contracting officer’s discretion whether to suspend an award to a party whose size determination has been appealed.  The proposed rule also allows for email delivery of written protests.

Continue Reading

After years of abortive attempts by Congress to enact comprehensive cybersecurity legislation, the President took matters into his own hands on February 12, signing an Executive Order, Improving Critical Infrastructure Cybersecurity.  Identifying the cyber threat as “one of the most serious national security challenges we must confront,” this Order, along with its contemporaneous Presidential

Just before the closing bell for 2012, the federal government gave its first approval for government-wide security authorization to a cloud service provider.  On December 26, the General Services Administration (GSA) certified its first cloud service provider under the Federal Risk and Authorization Management Program, more commonly known as FedRAMP.  The GSA expects last month’s