On October 24, 2019, Crowell & Moring in conjunction with the American Bar Association will be hosting the sixth annual Legal Careers in Cybersecurity, Privacy & Information Law networking and discussion event. This event offers law students and new lawyers the opportunity to learn how to meld law, policy, and technology, and better navigate the
DoD Increases DCMA Cybersecurity Responsibilities: DCMA to Implement and Assess Company-Wide Cyber Compliance
Adding to the Defense Contract Management Agency’s (DCMA) new cybersecurity responsibilities, the Department of Defense (DoD) Under Secretary of Defense for Acquisition and Sustainment (USDAS) recently issued a memorandum titled Strategically Implementing Cybersecurity Contract Clauses that increases DCMA’s role. The memorandum tasks DCMA with implementing a process to perform company-wide assessments of contractors’ compliance
OOPS 2018 Preview: Contractors and Cybersecurity
With even DoD officials acknowledging cyber threats ranging from exfiltrating our top military secrets (“the terabyte of death” per DISA’s Director) to seizing control of SECDEF’s car to sinking Navy vessels with critical infrastructure attacks, both federal agencies and government contractors are in the pressure cooker. For contractors, bad cybersecurity not only opens the door
How Quickly Should Contractors Report Data Breaches? GAO Denies Protest Finding 12 Hours Is Not Fast Enough
In Matter of: First Fin. Assocs., Inc., B-415713, Feb. 16, 2018, the Government Accountability Office (GAO) denied a protest filed by First Financial Associates, Inc. (FFA) against an award by the Department of Homeland Security, U.S. Secret Service (DHS/USSS) to FEEA Childcare Services, Inc. (FEEA) for the administration of a childcare subsidy program. FFA alleged that their proposal was not evaluated consistently with the RFP’s evaluation criteria regarding the protection of personally identifiable information (PII) incident reporting requirements.
Continue Reading
New Draft NIST Guidance on Systems Security Engineering
The National Institute of Standards and Technology (NIST) recently published a draft special publication titled Systems Security Engineering: Resiliency Considerations for the Engineering of Trustworthy Secure Systems (Volume 2), which provides guidance to professionals responsible for the activities and tasks related to the system life cycle processes in NIST’s flagship publication, NIST Special Publication 800-160