On January 23, 2014, the Department of Defense and General Services Administration issued a final report making recommendations for the development of cybersecurity standards in the acquisition and contracting process. The report, entitled “Improving Cybersecurity and Resilience Through Acquisition,” seeks “to recommend how cyber risk management and acquisition process in
Security
Interim Rules on Whistleblower Protection for Contractor Employees Issued by DOD, GSA and NASA
On September 27, 2013, the Department of Defense, General Services Administration, and National Aeronautics and Space Administration announced interim rules in the Federal Acquisition Regulations (“FAR”) and Defense Federal Acquisition Regulations Supplement (“DFAR”) outlining enhancements to whistleblower protections for contractor employees (the “Program”). The interim rules implement Section 828 of the National Defense Authorization Act (“NDAA”) for Fiscal Year 2013, which went into effect on July 1, 2013. The interim rules create a four-year pilot program for executive agencies subject to the Public Contracts section of the United States Code (“Title 41 agencies”) and make extensive changes to whistleblower protection for agencies subject to the Armed Forces section of the United States Code (“Title 10 agencies”). The interim rules also create a whistleblower exemption for portions of the intelligence community subject to the National Security Act of 1947 (“Title 50 agencies.”)
Responsibility of an Employer to Act Upon Threats From or By an Employee
Connie N. Bertram, Co-Chair of the Government Contractor Compliance Group, was quoted in an article in the Washington Post discussing the Navy Yard shootings. Ms. Bertram reminded contractors of the obligation to notify the government of threatening and violent conduct by employees with security clearances. She also emphasized that contractors…
Government RFI on New Cybersecurity Measures for Federal Contracts
Last week, the General Services Administration (“GSA”) issued a Request for Information (“RFI”) soliciting comments from federal contractors on the feasibility of incorporating cybersecurity standards into federal acquisitions rules. 78 Fed. Reg. 27,966 (May 13, 2013). Through the RFI, GSA hopes to obtain diverse stakeholder involvement prior to the implementation of any new cybersecurity framework.