Uncategorized

The Pentagon has released a final rule that greatly expands the number of defense industrial base (DIB) companies that can receive cybersecurity intelligence from DoD on a voluntary basis. The latest rule updates the Defense Industrial Base (DIB) Cybersecurity (CS) Program and will allow all defense contractors “who own or operate an unclassified information system that processes, stores, or transmits covered defense information to benefit from bilateral information sharing.” The final rule comes after the DoD gathered public feedback on the changes last summer. “We do this to continue to move forward to reduce cyber risk and to bolster cybersecurity,” Diedra Padgett, deputy director of the DIB Operations Directorate, said in announcing the proposed revision to the program in May 2023. “This has been a long-fought battle for years in the making,” she said. The new rule will take effect on April 11, according to a notice posted to the Federal Register on Tuesday.

To read more, click here.

On March 7, 2024, Deputy Attorney General Lisa Monaco announced Department of Justice (DOJ) initiatives to incentivize whistleblowers with payouts from civil or criminal forfeitures and to integrate artificial intelligence (AI) into existing corporate enforcement programs and sentencing guidelines.  Speaking at the American Bar Association’s (ABA) 39th National Institute on White Collar Crime in San Francisco, Monaco also announced updates regarding DOJ’s investment of resources into the most serious cases, and the addition of a provision to the DOJ Justice Manual codifying the Mergers & Acquisitions Safe Harbor Policy launched last October.

To learn more, click here.

The National Institute of Standards and Technology (NIST) today rolled out its Cybersecurity Framework (CSF) 2.0 – an update ten years in the making following the agency’s groundbreaking initial version of the cyber framework that has shaped security thinking across the private and public sectors in enduring ways. While the framework has always been positioned as a set of voluntary guidelines – and remains so – it has also become something of a de facto standard and starting point in many conversations that later morph into critical security decisions. “The CSF has been a vital tool for many organizations, helping them anticipate and deal with cybersecurity threats,” NIST Director Laurie Locascio said in a Feb. 26 press release. To read more, click here.

DoD is issuing a final rule amending the Defense Federal Acquisition Regulation Supplement (DFARS) to implement an Executive order addressing domestic preferences in DoD procurement.  The revisions to the DFARS in this final rule supplement the FAR final rule published in the Federal Register at 87 FR 12780 on March 7, 2022, with the required conforming changes for the DoD-unique requirements. Four respondents submitted public comments in response to the proposed rule. To read more, click here.

Today, the United States Department of Defense released Resilient and Healthy Defense Communities (RHDC) Strategy, which will guide the Department’s actions in the coming years to improve the built and natural environment on defense installations. To read the memorandum, please click here.