The Department of Defense (DoD) on October 4, 2016, issued a
rule finalizing cyber reporting regulations applicable to DoD
contractors and subcontractors set forth in 32 CFR Part 236.
The rule finalizes an interim rule DoD issued on October 2, 2015
and addresses cyber incident reporting obligations for DoD
prime contractors and subcontractors.
Notably, the final rule clarifies the by now well-known
definition of the term 'covered defense information'
("CDI"). This same term is used in DFARS
252.204-7012. This DFARS clause defines CDI to include four
different categories: (1) covered technical information
("CTI"); (2) operations security; (3) export controlled
information; and (4) any other information, marked or otherwise
identified in the contract, that requires safeguarding or
dissemination controls pursuant to and consistent with law,
regulations, and government-wide policies.
Given the similarities of this final category to the definition
of controlled unclassified information ("CUI")
promulgated in connection with the National Archives and Records
Administration's (NARA) rule, we have understood this
latter category to include CUI identified by NARA pursuant to its
efforts under EO 13556. The DoD's new final rule provides
support for this understanding because it narrows the definition of
CDI to only two categories: (1) CTI and (2) CUI. This
modification accordingly appears to make clear that the
"catch-all" category of CDI contained in DFARS
252.204-7012 was intended to align with NARA's CUI efforts.
Importantly, this final rule makes no changes to the DFARS
clause itself, and it is likely that conforming changes will
be made to the DFARS clause in a future revision. The
December 2015 version of the DFARS clause remains effective.
Nevertheless, in light of the final rule contractors and
subcontractors seeking to understand the scope of the CDI
under the DFARS clause should include CUI in their review as they
await further revision to the clause.
Dentons is the world's first polycentric global law firm. A
top 20 firm on the Acritas 2015 Global Elite Brand Index, the Firm
is committed to challenging the status quo in delivering consistent
and uncompromising quality and value in new and inventive ways.
Driven to provide clients a competitive edge, and connected to the
communities where its clients want to do business, Dentons knows
that understanding local cultures is crucial to successfully
completing a deal, resolving a dispute or solving a business
challenge. Now the world's largest law firm, Dentons'
global team builds agile, tailored solutions to meet the local,
national and global needs of private and public clients of any size
in more than 125 locations serving 50-plus countries.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
Budget 2017 is out! In his recent Budget speech, Finance Minister Heng Swee Keat announced numerous initiatives to assist SMEs with adopting digital technologies and accessing intellectual property (IP) rights. Through these initiatives, companies may now obtain the support they need in order to tap on the digital economy and improve productivity.
However, when acquiring and using digital technologies and IP rights, there are various legal and commercial issues that companies have to be aware of. For example, what are the key legal issues to consider when dealing with technology vendors? What are the important contracts and documents that you should have? Should you bargain or negotiate terms with a vendor? Is it safe to agree to everything that a vendor wants?
Join our Dentons Rodyk Intellectual Property & Technology Senior Partners Gilbert Leong, Woon-Chooi YEW and their colleagues, as they address the above topics and help you to navigate the complexities that may lie ahead.
Dentons partner Lisa Oberg will co-chair the Cutting-Edge Issues in Asbestos Litigation Conference, which will be held March 6–7 at the Beverly Wilshire Hotel in Beverly Hills, CA. The conference will address some of the most relevant emerging trends in asbestos litigation.
Please mark your calendar and join us in our New York office on February 15, from 3 to 6:30 p.m. for a global cross-border M&A seminar featuring two separate panel discussions followed by a cocktail reception. The first panel will discuss the prospects for global M&A under a new US administration with perspectives from our colleagues in Latin America as well as US industry experts. The second panel will review the impact of Chinese investments on a global stage featuring both US and China decision makers.
The FAR Council issued a final rule, effective January 19, 2017, which will broadly require specific privacy training, and annual re-training, for contractor or subcontractor personnel dealing with "personally identifiable information" (PII).
In December 2016, Jones Day issued "Government Contracts Ramifications of the Trump Election," a Commentary in which we discussed several likely impacts of the Trump Administration in the government contracts arena.
Recent agency guidance, rulemakings, and enforcement actions—all issued prior to the change in administrations—demonstrate the financial regulatory agencies' commitment to enforcing the Bank Secrecy Act...
Most government contractors in the construction industry are well aware that by providing goods or services to government-funded construction projects, they are potentially subject to liability under the False Claims Act
This past weekend, President Donald Trump signed an Executive Order requiring all new appointees in his Administration to sign an ethics pledge that contains special "revolving door" and gift restrictions.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).