Government Contracts Legal Forum

Kate M. Growley

Subscribe to all posts by Kate M. Growley

NIST Gives Contractors Extra Time to Comment on Proposed Assessment Guide for NIST SP 800-171

Posted in Cybersecurity, Legal Developments
As defense contractors continue to push towards their end-of-year implementation deadline for NIST SP 800-171 under DFARS 252.204-7012, the National Institute of Standards & Technology (NIST) has given the contracting community some extra time to respond to a draft publication that outlines how they and their customers alike can assess compliance with the security standard. … Continue Reading

OOPS 2017 Preview: Hurry-Up Offense: Keeping Pace with Information Security and Privacy

Posted in Cybersecurity, Legal Developments
The contracting community is hurrying to keep pace with the bevy of recent privacy and cybersecurity requirements incorporated into their government contracts across all agencies.  On May 4, 2017, at 1:45 PM Eastern, Crowell & Moring attorneys Evan Wolff, Peter Miller, Mark Ries, and Kate Growley will lead a discussion to help contractors wrap their… Continue Reading

OOPS Preview: Regulating Information: Cybersecurity, Internet of Things, and Exploding Rules

Posted in Cybersecurity, Events
Companies of all sizes are increasingly subject to the practical and legal implications of today’s cybersecurity environment, and contractors are no exception.  On May 26, 2016, at 11:00 AM Eastern, Crowell & Moring attorneys David Bodenheimer, Evan Wolff, and Kate Growley will lead a discussion highlighting some of the past year’s most significant cyber contracting… Continue Reading

The Federal and Corporate Cybersecurity Landscape

Posted in Cybersecurity
Information has become foundational in today’s federal and corporate arenas and is increasingly under threat and exploitation. Last month, attorneys from Crowell & Moring’s Privacy & Cybersecurity group lent their voices to WFED/WTOP radio to discuss how the public and private sectors are responding. Listen in here as our colleagues discuss the cyber threat landscape,… Continue Reading

Interim Rule Could Expand Already Onerous DFARS Cyber Requirements

Posted in Cybersecurity
Yesterday, the DoD published an Interim Rule that, if finalized as drafted, would expand the already onerous requirements of the DFARS Safeguarding Clause to a broader array of potentially 10,000 defense contractors.  Citing “recent high-profile breaches of federal information,” the DoD’s Interim Rule emphasizes the need for clear, effective, and consistent cybersecurity protections in its… Continue Reading

Partner David Bodenheimer Recognized as Co-Chair of ABA PCL “Committee of the Year”

Posted in Cybersecurity
Crowell & Moring is proud to announce that the ABA Public Contract Law Section has recognized Partner David Bodenheimer, along with Maureen Kelly of Northrop Grumman and Annejanette Pickens of General Dynamics, for their exceptional efforts as co-chairs of the Section’s Committee on Cybersecurity, Privacy, and Data Protection.  The Section recently presented the Committee with… Continue Reading

Cyber Executive Order Continues the Push for Public-Private Partnerships

Posted in Cybersecurity
In conjunction with his remarks at the White House Summit on Cybersecurity at Stanford University earlier this month, President Obama signed Executive Order 13691, entitled “Promoting Private Sector Cybersecurity Information Sharing.”  Published in the Federal Register last week, the Order is intended to encourage and facilitate cybersecurity information sharing within the private sector, and also… Continue Reading

The “Cyber Framework” Arrives

Posted in Cybersecurity
After a year of development, NIST has released the long-awaited Cybersecurity Framework, which promises to have significant implications for the public and private sectors alike. The final version retains much of the Framework Core set forth in its draft version and provides a blueprint to align cybersecurity efforts, along with the accompanying Roadmap document discussing… Continue Reading

White House Previews Potential Incentives for Voluntary Cyber Framework

Posted in Cybersecurity
The executive cyber machine continues to hum along. Last month, the White House previewed possible “cyber incentives” that could coax private industry into following the cyber “best practices” that the government will promulgate in the not-too-distant future. The target audience is critical infrastructure: private companies that provide services so vital to the nation’s day-to-day function that… Continue Reading

Cybersecurity and Data Privacy in 2013: Contracting in a Time of Increased Scrutiny

Posted in Cybersecurity
2013 has been a historic year for cybersecurity, privacy and data breach issues. From the President’s Executive Order, to the revised NIST security & privacy controls, and to the groundbreaking Mandiant report on cyber espionage, the pressure is on for companies to secure their handling of sensitive data. In order to mitigate the risk of… Continue Reading

How Quickly 120 Days Pass – Deadline for Cyber EO

Posted in Cybersecurity
On February 12, 2013, President Obama signed Executive Order 13636 for Improving Critical Infrastructure Cybersecurity (EO), along with Presidential Policy Directive-21 on Critical Infrastructure Security and Resilience (PPD-21). Now, some 120 days later, federal agencies are feeling the crunch to report back to the White House with their findings on the state of federal cybersecurity… Continue Reading

Cybersecurity Receives Presidential Push with New Cyber Executive Order

Posted in Cybersecurity
After years of abortive attempts by Congress to enact comprehensive cybersecurity legislation, the President took matters into his own hands on February 12, signing an Executive Order, Improving Critical Infrastructure Cybersecurity.  Identifying the cyber threat as “one of the most serious national security challenges we must confront,” this Order, along with its contemporaneous Presidential Policy… Continue Reading

FedRAMP Issues First Provisional Certification to Cloud Contractor

Posted in Cybersecurity
Just before the closing bell for 2012, the federal government gave its first approval for government-wide security authorization to a cloud service provider.  On December 26, the General Services Administration (GSA) certified its first cloud service provider under the Federal Risk and Authorization Management Program, more commonly known as FedRAMP.  The GSA expects last month’s… Continue Reading

New Cyber Breach Amendment Raises Questions for Cleared Contractors

Posted in Cybersecurity
As a part of the Senate’s recent passage of the 2013 National Defense Authorization Act, Senator Carl Levin (D-MI) has introduced an amendment that would direct the Department of Defense to establish procedures requiring contractors with security clearances to make disclosures when their covered networks have been successfully breached. Amendment 3195 appears to be the latest… Continue Reading

CISPA Faces Uphill Battle

Posted in Cybersecurity
Proponents of the Cyber Intelligence Sharing and Protection Act (more commonly known as CISPA) won a small battle last month when the House of Representatives passed the proposed bill by a vote of 248 to 168, with 42 yays from Democrats.  Yet the war for comprehensive cybersecurity legislation is far from over, as CISPA’s next… Continue Reading

Proposed Defense Budget Reflects National Security Priorities

Posted in Legal Developments
In an effort to comply with the 2011 Budget Control Act, the Department of Defense has proposed a “difficult but manageable” budget that will save approximately $259 billion over the next five years, totaling $487 billion in savings within a decade. Coordinated with President Obama’s defense strategy guidance, this new budget provides a glimpse into the government’s… Continue Reading