Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends

Tag Archives: DOD

Posted in Cybersecurity & Data Breaches

Cybersecurity Maturity Model Certification Version 1.0 (CMMC v1.0)

On January 31 the U.S. Department of Defense issued CMMC v1.0, a new unified cybersecurity standard coupled with a certification program for all DoD contractors and subcontractors. While many questions remain, our overview of CMMC v1.0 provides background on the model and key considerations to assist your organization in understanding and adopting the framework.

Posted in Cybersecurity & Data Breaches

2014 Intelligence Authorization Act Requires Contractors to Report Cybersecurity Breaches

On Monday, 7 July, the president signed into law the Intelligence Authorization Act for Fiscal Year 2014, which requires intelligence contractors with security clearances to promptly report network and information system penetrations and provide government investigators access to such systems. This new statutory cybersecurity reporting requirement for cleared intelligence contractors is largely consistent with a reporting requirement applicable to cleared U.S. Department of Defense contractors under the National Defense Authorization Act for FY 2013.

Posted in News & Events

Proposed FAR rule would require privacy training for government contractors

On October 14, 2011, the US Department of Defense, the General Services Administration, and the National Aeronautics and Space Administration published a proposed rule that would amend the Federal Acquisition Regulation (FAR) to strengthen government contractor privacy training. This blog entry links to a Hogan Lovells Government Contracts and Privacy and Information Management Alert.

Posted in Cybersecurity & Data Breaches

Department of Defense Proposes New Information Security Requirements for Contractors

The U.S. Department of Defense (DOD) has issued an advanced notice of proposed rulemaking regarding amendments to the Defense Federal Acquisition Regulation Supplement (DFARS) that would add new data protection requirements for unclassified DOD information used or handled by contractors. See 75 F.R. 9563 (March 3, 2010). The proposed amendments would create a two-tiered system of data security requirements as well as an obligation to notify the DOD of security incidents, including all intrusions attempted by an “advanced persistent threat.”