HDR farblog

Deadline for controlled unclassified information is approaching

If you are a contractor or subcontractor that handles controlled unclassified information (CUI), the deadline for implementing security requirements under DFARS § 252.204-7000 (and following sections) and NIST SP 800-171 is December 31, 2017.

Continue reading

DoD issues new cybersecurity implementation plan

The U.S. Department of Defense (DoD) has issued a revised Cybersecurity Discipline Implementation Plan. The previous version of the plan was issued in October 2015; the latest edition was released in February 2016.

Continue reading

Defense Department gives contractors more time to implement cyber security requirements

On December 30, 2015, the U.S. Department of Defense issued a new interim rule about implementing a previously issued interim rule about cyber security. The new interim rule gives government contractors and subcontractors more time to implement security requirements.

Continue reading

Final rule issued governing supply-chain risk in government procurement

On October 30, the U.S. Department of Defense (DoD) issued a final rule governing supply-chain risk and government procurement. This final rule replaces the interim rule issued on November 28, 2013.

Continue reading

DoD issues interim rule about computer security that affects government contractors

On August 26, 2015, the U.S. Department of Defense (DoD) issued an interim rule that affects almost all government contractors. The interim rule requires government contractors to report “cyber incidents” that result in real or actual adverse effects on contractor information systems. The rule went into effect immediately.

Continue reading