Contractors affected by the US cybersecurity requirements: take part in the GWAC comment process
By Dionis M Gauvin, Fernand A Lavallee PC and Jim Halpert
The US General Services Administration is seeking comments from the private sector on draft Alliant II Government Wide Acquisition Contract (GWAC) cyber-security requirements. The Alliant GWAC provides flexible access to customised IT solutions from a large, diverse pool of industry partners. We urge contractors whose business may be affected by the cyber-security requirements to participate in this process. The comment period will be open for 45 days. After the comment period closes, the target date for implementation is January 2015.
The draft language addresses cyber-security requirements for the Alliant II GWAC, which is currently in the acquisition phase. The purpose of these requirements is to improve cyber-security risk management in the services purchased through orders placed under the Alliant II GWAC. In drafting the cyber-security requirements, the Alliant Program Office was assisted by the interagency working group responsible for drafting the recommendations included in the joint report by the GSA and the Department of Defense, Improving Cybersecurity and Resilience through Acquisition.
Specifically, the draft language requires contractors to provide a Contract Cyber-security Risk Management Plan, outlining the contractor’s ‘systematic and organisational’ ability to provide solutions that include ‘appropriate security controls’ for any task within the scope of the contract. ‘Cybersecurity Risk Management’ is defined as technologies, practices and policies that address ‘threats and vulnerabilities in networks, computers, programs and data’. The draft language describes the submittal, review and acceptance process for risk management plans, as well as the process for updating plans and correcting deficiencies…
Click on the link below to read the rest of the DLA Piper briefing.
News from DLA Piper
News from The Lawyer
Briefings from DLA Piper
Don’t forget the 23 September 2014 deadline to ensure your business associate agreements comply with the Omnibus Final Rule
Covered entities with business associate agreements that were entered on or before 25 January 2013 must revise their BAAs by 23 September 2014.
The new amendments to the Russian Civil Code will only apply to legal relationships that emerge after 1 July 2014.
Analysis from The Lawyer
Shearman & Sterling is making its presence felt in the City, squaring up to magic circle firms and looking to muscle in on key relationships. Private equity house Bridgepoint is one outfit that has had its head turned by the US firm.
A new breed of lawyer is smoothing the path for companies entering emerging or unstable jurisdictions