The US Department of Defense (DOD) earlier today issued a second interim rule, effective immediately, that gives affected contractors until December 31, 2017, to implement fully compliant cyber security controls.

The cyber security requirements, contained in the National Institute of Standards and Technology (NIST) Special Publication (SP) No. 800-171, were part of a prior interim rule issued in August 2015. Sometimes referred to as the Network Penetration Rule, DOD’s first interim rule had required immediate compliance with NIST SP 800-171 at both the prime and subcontract levels. Although DOD’s second interim rule gives contractors additional time to implement the requirements of NIST SP 800-171, the rule as revised still imposes certain near-term burdens on affected contractors and subcontractors. Read the full article.

Subscribe and stay updated
Receive our latest blog posts by email.
Stay in Touch
Phillip Seckman

About Phillip Seckman

Phillip Seckman represents clients concerning government and commercial contract matters. His practice spans a broad range of subjects related to federal procurement law, state and local procurement law, and complex federal regulatory issues. He concentrates his practice in the areas of commercial item acquisitions, GSA schedule contracting, cybersecurity, compliance, internal investigations, and bid protests (both federal and state). A significant component of his practice involves government contract cost allowability, proper cost accounting, and contract cost and pricing issues.

Full bio

RELATED POSTS