Pittsburg, PA

Tucker Arensberg, P.C.
Tucker Arensberg, P.C.
One PPG Place, Suite 1500
Pittsburgh, PA 15222
(412) 566-1212
(412) 594-5619
Directions to Pittsburgh

Harrisburg, PA

Tucker Arensberg, P.C.
Tucker Arensberg, P.C.
300 Corporate Center Drive, Suite 200
Camp Hill, PA 17011
(717) 234-4121
(717) 232-6802
Directions to Harrisburg

New York, NY

Tucker Arensberg, P.C.
Tucker Arensberg, P.C.
250 Park Avenue, Suite 1508, 7th Floor
New York, NY 10171
(212) 739-7910
(212) 739-9607
Directions to New York

Foster City, CA

Tucker Arensberg, P.C.
Tucker Arensberg, P.C.
1098 Foster City Boulevard, Suite 106 #700
Foster City, California 94404
(650)208-2701
Directions to Foster City

Widget Title

  • People
  • Practice Areas
  • News + Insights
    • News
    • Articles
    • Speaking
  • Office Locations
    • Pittsburgh
    • Harrisburg
    • New York
    • Foster City
  • About the Firm
    • Overview
    • Careers
    • Diversity
    • Women@Tucker
    • Affiliations
    • Pro Bono & Community

Title

  • Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar

Tucker Arensberg, P.C.Tucker Arensberg, P.C.

Attorneys in Pittsburgh, Harrisburg, New York City

  • People
  • Practice Areas
  • News + Insights
  • About Our Firm
  • COVID 19: Answers to Business Challenges
ShareBookmarkPDF

Defense Contractors Are Required To Implement Cybersecurity Measures In Order To Do Business with the Federal Government

Articles, Privacy, Technology and Data Security September 14, 2020

By Mark Hamilton

The Defense Federal Acquisition Regulation Supplement (“DFARS”) 252.204-7008 and 252.204-7012 require defense contractors who possess, store or transmit “covered defense information” to comply with the security requirements set forth in the U.S. National Institute of Standards and Technology (“NIST”) Special Publication 800-171 (“SP 800-171).  “Covered defense information” includes unclassified controlled technical information of the type contained in drawings related to the manufacture of defense articles.  

These DFARS clauses contain a flow down provision that requires defense contractors to incorporate these clauses into their contracts with any subcontractors who provide “operationally critical support” or whose subcontracts otherwise involve covered defense information. 

These regulations also require companies to report the discovery of any “cyber incidents” that affect either a contractor’s computer system or the covered defense information stored in the contractor’s computer system.  This means that the US Government expects even second and third-tier contractors to report any incidents in which their computer systems are compromised.

To recap, if your company is working on defense contracts, it is required to implement SP 800-171 in order to comply with the relevant DFARS cybersecurity requirements.  This is true even where your company is merely a second or third-tier contractor because the prime contractor is required to flow down these DFARS clauses to its subcontractors. 

The implementation deadline for SP 800-171 was December 31, 2017.  So if your company is not yet compliant, do not wait for the next time sensitive purchase order to arrive before taking action.  For additional information contact Mark Hamilton.

Primary Sidebar

Defense Contractors Are Required To Implement Cybersecurity Measures In Order To Do Business with the Federal Government

Related

People

  • Mark C. Hamilton

Practice Areas

  • Privacy, Data Security & Technology
© 2023 All Rights Reserved|Tucker Arensberg, P.C.|Log in|Powered by Content Pilot
  • Sitemap
  • Disclaimer
  • Privacy Policy