Photo of Kate M. Growley, CIPP/G, CIPP/US

Companies have less than one week to submit comments regarding a recent interim rule that provides the responsibilities, processes, and procedures for the Federal Acquisition Security Council (“FASC”), established by the Federal Acquisition Supply Chain Security Act of 2018.  Under the immediately effective interim rule, the FASC is responsible for assessing supply chain risk and

This week’s episode discusses the recent DFARS Interim Rule titled “Assessing Contractor Implementation of Cybersecurity Requirements” and is hosted by partners Peter Eyre and Kate Growley. Crowell & Moring’s “Fastest 5 Minutes” is a biweekly podcast that provides a brief summary of significant government contracts legal and regulatory developments that no government contracts lawyer or

On July 1, 2020, the Department of Defense (DoD) Office of Inspector General (OIG) published its audit report. The report assessed the DoD Joint Artificial Intelligence Center’s (JAIC) progress in developing an Artificial Intelligence (AI) governance framework and standards, as well as DoD components’ implementation of security controls to protect AI data and technologies

The National Institute of Standards and Technology (NIST) recently released the final public draft of NIST Special Publication (SP) 800-172, formerly known as Draft NIST SP 800-171B. Building on the security requirements in NIST SP 800-171, the applicable standard under DFARS 252.204-7012, 800-172 provides 34 enhanced requirements to protect Controlled Unclassified Information (CUI)

The National Institute of Standards and Technology (NIST) recently released the final public draft of NIST Special Publication (SP) 800-172, formerly known as Draft NIST SP 800-171B. Building on the security requirements in NIST SP 800-171, the applicable standard under DFARS 252.204-7012, 800-172 provides 34 enhanced requirements to protect Controlled Unclassified Information (CUI)

On April 8, 2020, the Federal Trade Commission (FTC) published a blog post titled, “Using Artificial Intelligence and Algorithms,” that offers important lessons about the use of AI and algorithms in automated decision-making. The post begins by noting that headlines today tout rapid improvements in AI technology, and the use of more advanced

Consistent with  the U.S. Department of Defense’s (DoD) Artificial Intelligence (AI) Strategy, as we previously reported on here, on April 13, 2020, DOD published a Request for Information (RFI) requesting assistance from academia and industry with the development and planning of a potential new requirement for DOD’s Joint Artificial Intelligence Center’s (JAIC) Testing &

The Defense Department (DoD) recently released Department of Defense Instruction (DoDI) 5200.48, “Controlled Unclassified Information (CUI),” which provides the DoD’s long-anticipated guidance on how to mark and handle CUI in accordance with the Federal Government’s broader CUI Program and DFARS 252.204-7012.  In doing so, it cancels legacy CUI guidance under DoD Manual 5200.01, Volume

The National Institute of Standards and Technology (NIST) recently released its final version of Revision 2 to the cybersecurity standard NIST Special Publication (SP) 800-171. While the security controls remain unchanged, Revision 2 now incorporates implementation guidance into each control.  Importantly though, such guidance remains non-binding and is not intended to extend the scope of

On February 24, 2020, following Secretary of Defense Mark Esper’s call on the private sector to work with the Department of Defense (DoD) to develop principles for using Artificial Intelligence (AI) in a “lawful and ethical manner,” (as we previously reported on here), the DoD announced its adoption of ethical principles for AI. The