On January 23, 2014, the Department of Defense and General Services Administration issued a final report making recommendations for the development of cybersecurity standards in the acquisition and contracting process.  The report, entitled “Improving Cybersecurity and Resilience Through Acquisition,” seeks “to recommend how cyber risk management and acquisition process in

On September 27, 2013, the Department of Defense, General Services Administration, and National Aeronautics and Space Administration announced interim rules in the Federal Acquisition Regulations (“FAR”) and Defense Federal Acquisition Regulations Supplement (“DFAR”) outlining enhancements to whistleblower protections for contractor employees (the “Program”).  The interim rules implement Section 828 of the National Defense Authorization Act (“NDAA”) for Fiscal Year 2013, which went into effect on July 1, 2013.  The interim rules create a four-year pilot program for executive agencies subject to the Public Contracts section of the United States Code (“Title 41 agencies”) and make extensive changes to whistleblower protection for agencies subject to the Armed Forces section of the United States Code (“Title 10 agencies”).  The interim rules also create a whistleblower exemption for portions of the intelligence community subject to the National Security Act of 1947 (“Title 50 agencies.”)

Last week, the General Services Administration (“GSA”) issued a Request for Information (“RFI”) soliciting comments from federal contractors on the feasibility of incorporating cybersecurity standards into federal acquisitions rules.  78 Fed. Reg. 27,966 (May 13, 2013).  Through the RFI, GSA hopes to obtain diverse stakeholder involvement prior to the implementation of any new cybersecurity framework.