A DFARS final rule (Nov. 18, 2013) on the safeguarding of unclassified, controlled technical information requires contractors, among other things, to report within 72 hours of discovery any “cyber incident” (an action that results in an actual or potentially adverse affect on an information system and/or the information residing therein), preserve relevant data for at least 90 days, conduct an internal review of its network for evidence and extent of any compromise of data, cooperate with DoD “damage assessments,” and flow the clause down to subcontractors (even for commercial items) — all at the contractor’s own cost. Given the rampant intellectual property and technology losses due to cyber espionage and other thefts documented in Congressional hearings, intelligence assessments, and industry reports this year, these DFARS requirements will apply additional pressure upon contractors to amend their existing compliance policies and procedures to address how to respond to a cyber incident and comply with these regulations.

Print:
EmailTweetLikeLinkedIn
Photo of David Bodenheimer David Bodenheimer

David Z. Bodenheimer is a Government Contracts Group partner and litigator in Crowell & Moring’s Washington, D.C. office. Mr. Bodenheimer brings 33 years of hands-on experience in doing business with the federal government. Nationally ranked by Chambers USA in Government Contracts and described…

David Z. Bodenheimer is a Government Contracts Group partner and litigator in Crowell & Moring’s Washington, D.C. office. Mr. Bodenheimer brings 33 years of hands-on experience in doing business with the federal government. Nationally ranked by Chambers USA in Government Contracts and described as “an impressive government contracts practitioner” and “a fabulous writer,” he has found solutions for clients for everything from bet-the-company cases to the day-to-day complexities of government contracting.

Photo of Evan D. Wolff Evan D. Wolff

Evan D. Wolff is a partner in Crowell & Moring’s Washington, D.C. office where he is co-chair of the firm’s Privacy & Cybersecurity Group and a member of the Government Contracts Group. Evan has a national reputation for his deep technical background and…

Evan D. Wolff is a partner in Crowell & Moring’s Washington, D.C. office where he is co-chair of the firm’s Privacy & Cybersecurity Group and a member of the Government Contracts Group. Evan has a national reputation for his deep technical background and understanding of complex cybersecurity legal and policy issues. Calling upon his experiences as a scientist, program manager, and lawyer, Evan takes an innovative approach to developing blended legal, technical, and governance mechanisms to prepare companies with rapid and comprehensive responses to rapidly evolving cybersecurity risks and threats. Evan has conducted training and incident simulations, developed response plans, led privileged investigations, and advised on hundreds of data breaches where he works closely with forensic investigators.