Contractors affected by the US cybersecurity requirements: take part in the GWAC comment process

By Dionis M Gauvin, Fernand A Lavallee PC and Jim Halpert

The US General Services Administration is seeking comments from the private sector on draft Alliant II Government Wide Acquisition Contract (GWAC) cyber-security requirements. The Alliant GWAC provides flexible access to customised IT solutions from a large, diverse pool of industry partners. We urge contractors whose business may be affected by the cyber-security requirements to participate in this process. The comment period will be open for 45 days. After the comment period closes, the target date for implementation is January 2015.

The draft language addresses cyber-security requirements for the Alliant II GWAC, which is currently in the acquisition phase. The purpose of these requirements is to improve cyber-security risk management in the services purchased through orders placed under the Alliant II GWAC. In drafting the cyber-security requirements, the Alliant Program Office was assisted by the interagency working group responsible for drafting the recommendations included in the joint report by the GSA and the Department of Defense, Improving Cybersecurity and Resilience through Acquisition.

Specifically, the draft language requires contractors to provide a Contract Cyber-security Risk Management Plan, outlining the contractor’s ‘systematic and organisational’ ability to provide solutions that include ‘appropriate security controls’ for any task within the scope of the contract. ‘Cybersecurity Risk Management’ is defined as technologies, practices and policies that address ‘threats and vulnerabilities in networks, computers, programs and data’. The draft language describes the submittal, review and acceptance process for risk management plans, as well as the process for updating plans and correcting deficiencies…

Click on the link below to read the rest of the DLA Piper briefing.

Briefings from DLA Piper

View more briefings from DLA Piper

Analysis from The Lawyer

View more analysis from The Lawyer

Overview

3 Noble Street
London
EC2V 7EE
UK
http://www.dlapiper.com

Turnover (£m): 1,539.00
No. of lawyers: 4,374
(UK 200)
Jurisdiction: UK
No. of offices: 12
No. of qualified lawyers: 625 (International 50)