What Defense Contractors and Their GCs Must Know About the New Cybersecurity Regulations and NIST SP 800-171 Guidelines

On Aug. 26, 2015, the U.S. Department of Defense announced its new Network Penetration Reporting and Contracting for Cloud Services regulations. These regulations took defense contractors by surprise because they had not been previously noticed and, although labeled an interim rule, the requirements were effective immediately. In particular, the new regulations mandated that contractors immediately implement the security requirements specified by the National Institute of Standards and Technology for Protecting Controlled Unclassified Information, NIST SP 800-171.

On Dec. 30, 2015, after considering industry comments and opposition, the Defense Department announced that contractors would have two years, until Dec. 31, 2017, to fully implement the security requirements specified by NIST SP 800-171.

Taft’s Government Contracts and Privacy & Data Security teams will present a webinar on the NIST SP 800-171 Guidelines on Thursday, Feb. 4, 2016 from 12:00-1:00 p.m. EST. The goals of this webinar are to provide general counsel and executives with:

• An overview of the Network Penetration Reporting and Contracting for Cloud Services regulations.
• An overview of the NIST SP 800-171 Guidelines for Protecting Controlled Unclassified Information.
• The important nuances of the guidelines as highlighted in the comments to the new regulations.

Register by clicking on the red link above. Instructions on how to access the webinar will be emailed to registered attendees prior to the date.

For more information, contact Bethany Smith, Director of Business Development, at bsmith@taftlaw.com.