New Rules for Cleared Contractors Starting Nov
•
1 like•25 views
The Defense Security Service issued new rules for government contractors with facility security clearances that take effect on November 30, 2016. The changes are outlined in the National Industrial Security Program Operating Manual and require contractors to have an insider threat program plan, appoint an insider threat senior official, conduct annual self-inspections including insider threat vulnerability analysis, continue reporting relevant employee information, implement a system to identify careless classified information handling, provide insider threat training to employees, and monitor user activity on classified systems. All cleared contractors should review their policies and procedures with their facility security officer and legal counsel before the November 30 deadline.
Report
Share
Report
Share
Download to read offline
Recommended
Are you GDPR ready?
Are you ready for GDPR that goes into effect on May 25, 2018? This article will help you stay ahead on GDPR.
Cybersecurity & data privacy whistleblower incentives and protections
Cybersecurity & data privacy whistleblower incentives and protectionsZuckerman Law Whistleblower Protection Law Firm
Pending legislation in Congress wuold protect whistleblowing about cybersecurity and data privacy. In the interim, some existing federal and state whistleblower protection laws provide limited protection for cybersecuriity and data privacy whistleblowing.Beginning your General Data Protection Regulation (GDPR) Journey
This document provides an overview of the General Data Protection Regulation (GDPR) and how Windows 10 can help organizations comply with it. It begins with background on the GDPR, including its key implications like enhanced privacy rights for EU citizens and mandatory breach reporting. It defines personal and sensitive data under the GDPR. The document then outlines the key steps for an organization's GDPR compliance journey and describes various security and privacy capabilities in Windows 10 that can help with compliance, such as threat protection, identity protection, and information protection features. It concludes by providing Windows 10 resources to help organizations meet GDPR requirements.
New_Whistleblowing_Protections_for_Employees_of_Government_Contractors
The 2013 National Defense Authorization Act creates strong new protections for employees of federal contractors and subcontractors who “blow the whistle” on their own employers. The law encourages employees to report “gross mismanagement,” “gross waste,” “abuse of authority” and other misconduct related to federal contracts. Mark discusses these new protections.
A Primer on U.S. Privacy and Security Law for Business
Parsons Behle & Latimer briefing given for Cybersecurity Awareness Month - October 24, 2017 - Tsutomu Johnson
How to Approach the NYDFS Proposed Cybersecurity Requirements
The New York Department of Financial Services (NYDFS) is expected to pass a proposed cybersecurity regulation in January 2017, called "Cybersecurity Requirements for Financial Services Companies".
In the light of the imminent regulatory update, most financial institutions, and insurance providers are preparing to comply with the fundamental requirements that the NYDFS will likely adopt.
In this webinar, we covered:
- Explanations of the regulation’s key legal requirements;
- How the regulation interacts with other data security laws;
- Industry best practices for securing data;
- The value of online compliance training.
Employment Contracts & The Importance of Getting them Right
This document summarizes a presentation about the importance of employment contracts. It discusses key considerations when drafting employment contracts such as clarifying terms of employment, preventing disputes, and protecting commercial interests. It also outlines important legal requirements regarding how employment relationships are characterized, workplace policies, restraint of trade clauses, termination notice periods, and regulatory frameworks governing employment standards. Ensuring employment contracts are drafted carefully and comply with legal requirements is important for empowering businesses and managing risk.
Privacy Year In Preview
This document provides a preview of key privacy and data security trends and issues that organizations should prepare for in 2017. It highlights major developments and challenges, such as the implementation of the EU's General Data Protection Regulation (GDPR), uncertainty around the EU-US Privacy Shield agreement, growing momentum to regulate privacy in internet-connected devices, and increasing privacy litigation and cyber threats. The document advises organizations to undertake assessments, update policies and procedures, and budget adequately to strengthen compliance and mitigate risks arising from these evolving laws, regulations and technologies.
Recommended
Are you GDPR ready?
Are you ready for GDPR that goes into effect on May 25, 2018? This article will help you stay ahead on GDPR.
Cybersecurity & data privacy whistleblower incentives and protections
Cybersecurity & data privacy whistleblower incentives and protectionsZuckerman Law Whistleblower Protection Law Firm
Pending legislation in Congress wuold protect whistleblowing about cybersecurity and data privacy. In the interim, some existing federal and state whistleblower protection laws provide limited protection for cybersecuriity and data privacy whistleblowing.Beginning your General Data Protection Regulation (GDPR) Journey
This document provides an overview of the General Data Protection Regulation (GDPR) and how Windows 10 can help organizations comply with it. It begins with background on the GDPR, including its key implications like enhanced privacy rights for EU citizens and mandatory breach reporting. It defines personal and sensitive data under the GDPR. The document then outlines the key steps for an organization's GDPR compliance journey and describes various security and privacy capabilities in Windows 10 that can help with compliance, such as threat protection, identity protection, and information protection features. It concludes by providing Windows 10 resources to help organizations meet GDPR requirements.
New_Whistleblowing_Protections_for_Employees_of_Government_Contractors
The 2013 National Defense Authorization Act creates strong new protections for employees of federal contractors and subcontractors who “blow the whistle” on their own employers. The law encourages employees to report “gross mismanagement,” “gross waste,” “abuse of authority” and other misconduct related to federal contracts. Mark discusses these new protections.
A Primer on U.S. Privacy and Security Law for Business
Parsons Behle & Latimer briefing given for Cybersecurity Awareness Month - October 24, 2017 - Tsutomu Johnson
How to Approach the NYDFS Proposed Cybersecurity Requirements
The New York Department of Financial Services (NYDFS) is expected to pass a proposed cybersecurity regulation in January 2017, called "Cybersecurity Requirements for Financial Services Companies".
In the light of the imminent regulatory update, most financial institutions, and insurance providers are preparing to comply with the fundamental requirements that the NYDFS will likely adopt.
In this webinar, we covered:
- Explanations of the regulation’s key legal requirements;
- How the regulation interacts with other data security laws;
- Industry best practices for securing data;
- The value of online compliance training.
Employment Contracts & The Importance of Getting them Right
This document summarizes a presentation about the importance of employment contracts. It discusses key considerations when drafting employment contracts such as clarifying terms of employment, preventing disputes, and protecting commercial interests. It also outlines important legal requirements regarding how employment relationships are characterized, workplace policies, restraint of trade clauses, termination notice periods, and regulatory frameworks governing employment standards. Ensuring employment contracts are drafted carefully and comply with legal requirements is important for empowering businesses and managing risk.
Privacy Year In Preview
This document provides a preview of key privacy and data security trends and issues that organizations should prepare for in 2017. It highlights major developments and challenges, such as the implementation of the EU's General Data Protection Regulation (GDPR), uncertainty around the EU-US Privacy Shield agreement, growing momentum to regulate privacy in internet-connected devices, and increasing privacy litigation and cyber threats. The document advises organizations to undertake assessments, update policies and procedures, and budget adequately to strengthen compliance and mitigate risks arising from these evolving laws, regulations and technologies.
Sect r35 a
The document discusses new SEC guidance from 2011 recommending that companies disclose information security risks and cyber incidents in mandatory regulatory filings if such issues pose material risks. It analyzes a dataset of Fortune 500 company filings before and after the guidance to assess the impact. The analysis found that the number of companies disclosing cyber risks increased significantly after the guidance, and that the size of those disclosures also tended to grow. It provides examples of disclosures that now include more details on potential cyber threats, threat actors, vulnerable assets, and consequences.
The "Fiscal Cliff"
What is the "fiscal cliff"? It's the term being used by many to describe the unique combination of tax increases and spending cuts scheduled to go into effect on January 1, 2013. The ominous term reflects the belief by some that, taken together, higher taxes and decreased spending at the levels prescribed have the potential to derail the economy. Whether we do indeed step off the cliff at the end of the year, and what exactly that will mean for the economy, depends on several factors.
Managing Consumer Data Privacy
For today’s digital businesses, being prepared to meet new compliance requirements when storing and managing consumer data will not only minimize risk, but also enable more valued and trusted customer experiences that drive increased loyalty, engagement and revenue. To gain better perspective on this important issue, it’s important to understand:
- The trends driving governmental regulatory shifts and the basic tenets of these new laws
- The challenges faced by executives across the enterprise when managing privacy compliance for consumer data
- The emergence of cloud-based solutions that help businesses manage privacy compliance by acting as end-to-end customer data storage and management solutions that are far more scalable and flexible than legacy systems
Leadership: Legal Counsel's Role in Guiding Through Cybersecurity and Data Loss
Shawn Tuma is a cybersecurity lawyer with expertise in data privacy law. He is a partner at Scheef & Stone LLP, a commercial law firm in Texas. Tuma has extensive experience advising businesses on cybersecurity issues and data breaches. He serves on several boards and committees related to cybersecurity law and policy. The document provides an overview of Tuma's background and experience in cybersecurity law.
201 CMR 17.00
This document summarizes an informational breakfast event about complying with Massachusetts identity theft and data security regulations. The event featured presentations from attorneys and consultants on assessing risks, creating a written security program, establishing procedures, and other best practices for businesses to protect personal information and comply with the regulations. It provided an overview of the new regulations, implications for businesses, how to assess security and create a compliance plan, and contact information for organizations that can help or provide free assessments.
By 23 February 2018 we will have new mandatory data breach reporting obligati...
By 23 February 2018 we will have new mandatory data breach reporting obligati...LJ Gilland Real Estate Pty Ltd
The document provides a guide to new mandatory data breach reporting obligations under Australian privacy law. It outlines who is captured under the obligations, what constitutes an eligible data breach, the steps that must be taken in the event of a suspected or confirmed breach, and the potential consequences for non-compliance. Specifically, it notes that organisations with over $3 million annual turnover must report eligible data breaches involving personal information, which involves unauthorised access that would likely result in serious harm. They must assess any suspected breach within 30 days and notify the regulator and affected individuals of any confirmed breach. Failure to comply can result in penalties, compensation orders, and civil litigation.China's, Third Plenum of the 18th Party Congress key decisions
The Communist Party of China concluded the 3rd Plenum of the 18th Party Congress on November 12th, 2013, after four days. The Plenum set the agenda for the government in the next decade. The concluding document contains reform efforts targeting the following fourteen areas:
Benefits buzz january 2017
You may want to wait on compliance with the new OT regulations and we'll look to stay on top of the forthcoming ACA changes as well...
2020 NYS Shield Act Webinar
Get up to date on the NYS Shield Act to learn what you need to know to comply by March 2020.
To watch the webinar recording on-demand check out this link: https://zoom.us/webinar/register/WN_qkaEUTIzQJ6B3MIyKUAHAg
Forecast cybersecurity regulation v3
Regulators Cannot be Viewed as the Leaders in Cybersecurity Strategies. The Challenge Exists just to keep up!
NIST Cybersecurity Requirements for Government Contractors
What is Controlled Unclassified Information (CUI)? What is NIST SP 800-171? How is my project management and accounting system impacted?
Navigating your way through these complex topics can be difficult for any government contractor, but protecting CUI in a non-federal environment is critical. Compliance is required by December 31, 2017.
Join us for this webinar to learn more about:
• What it means to be compliant with NIST SP 800-171
• Documenting your compliance status
• Preparing for audits and/or requests for compliance attestation/reports
• Key CUI requirements
• Suggested NIST processes
• How having the right system and team in place can help you remain compliant
Learn more at: https://www.unanet.com/news/demand-webinars
Splunk: How Machine Data Supports GDPR Compliance
This document discusses the European Union's General Data Protection Regulation (GDPR) and how the log analysis software Splunk can help organizations comply with GDPR requirements. The GDPR aims to strengthen data protection for all EU citizens and applies to any company processing personal data of EU residents. It introduces fines of up to 4% of annual global turnover for violations. Splunk allows organizations to detect, prevent and investigate data breaches, search and report on personal data processing activities to comply with GDPR provisions, and prove that appropriate technical and organizational security measures are in place.
SEC Whistleblower Rules
This document summarizes a presentation on SEC whistleblower rules given by attorneys from Paul Hastings LLP. It discusses the evolution of whistleblower legislation including provisions in the False Claims Act, Sarbanes-Oxley Act, and Dodd-Frank Act. Key points include increased incentives for whistleblowers like monetary awards leading to more tips to the SEC. Open legal issues remain around the extraterritorial application of rules and whether internal reporting is protected. Companies are advised to foster compliance cultures and protect whistleblowers to mitigate risks.
How-to-start-a-captive
The article discusses how captives are increasingly being used by middle market companies as part of their enterprise risk management strategies. Captives allow mid-sized companies to reduce insurance costs, protect some assets, and insure risks not covered by the commercial markets. Some additional benefits of captives for mid-market firms include rewarding employees through ownership and creating tax-efficient claims reserves. The article argues that captives, when properly structured, can help mid-sized businesses holistically manage risks across their organizations in a more integrated manner through their enterprise risk management programs.
ANZSOG 2014 - What business wants from government;Phil Edmands
Phil Edmands, Managing Director of Rio Tinto Australia, discusses what business wants from government when proposing a large mining project. He outlines several key factors: the project must earn an adequate return to justify the large upfront investment; there must be certainty that the expected return will not be disrupted by changes in government policy; and the operating environment must allow for efficient approvals, a balanced fiscal system, protection of investment stability and title rights, and access to necessary inputs like skilled labor and affordable energy. The level of guarantees and protections desired will depend on how mature and stable the overall investment and legal environment is perceived to be.
O massmann protecting the protected_27_aug09
This document summarizes key aspects of Vietnam's labor law from a presentation given by Oliver Massmann, Managing Partner of Duane Morris Vietnam LLC. It begins by noting that Vietnamese labor law is very employee-friendly, influenced by the country's socialist system and transition from a state-run to private sector economy. The document then provides an overview of Vietnam's governing labor laws and regulations covering issues such as recruitment, wages and benefits, data privacy, disputes, and termination. It emphasizes that the labor code aims to strongly protect workers' rights.
UX in Context of Innovation
1) Citi believes that sustainability is good business practice and works closely with clients and partners to finance solutions to climate change such as renewable energy and mitigation efforts.
2) Citi targets $50 billion over 10 years to address global climate change through investments in renewable energy, clean technology, and carbon emission reduction activities.
3) Citi is committed to reducing greenhouse gas emissions from its owned and leased properties by 10% by 2011 and has purchased over 234,000 MWh of carbon neutral power for its operations.
MTBiz Jan-Mar 2013
MTBiz is for you if you are looking for contemporary information on business, economy and especially on banking industry of Bangladesh. You would also find periodical information on Global Economy and Commodity Markets.
Signature content of MTBiz is its Article of the Month (AoM), as depicted on Cover Page of each issue, with featured focus on different issues that fall into the wide definition of Market, Business, Organization and Leadership. The AoM also covers areas on Innovation, Central Banking, Monetary Policy, National Budget, Economic Depression or Growth and Capital Market. Scale of coverage of the AoM both, global and local subject to each issue.
MTBiz is a monthly Market Review produced and distributed by Group R&D, MTB since 2009.
The industrial relations framework review
Overhaul of Queensland industrial relations laws: Queensland state government agencies and public sector human resources and legal staff need to know
Post US Election Privacy Updates & Implications
The United States election on November 3rd will impact the future use of personal information for organizations doing business with US citizens. From presidential results to state propositions, there will be many privacy ramifications, and how we move forward to embrace the new changes is a topic that will bring many perspectives.
Join us as we discuss the implications of the US election, including California’s Proposition 24 which would expand the provisions of the CCPA and what the next administration’s role will be in helping shape the new framework for EU-US data transfers.
-Privacy issues that were included or arose in the 2020 election
-Implications of election outcomes on privacy laws or priorities
-What to watch for in 2021
More Related Content
Similar to New Rules for Cleared Contractors Starting Nov
Sect r35 a
The document discusses new SEC guidance from 2011 recommending that companies disclose information security risks and cyber incidents in mandatory regulatory filings if such issues pose material risks. It analyzes a dataset of Fortune 500 company filings before and after the guidance to assess the impact. The analysis found that the number of companies disclosing cyber risks increased significantly after the guidance, and that the size of those disclosures also tended to grow. It provides examples of disclosures that now include more details on potential cyber threats, threat actors, vulnerable assets, and consequences.
The "Fiscal Cliff"
What is the "fiscal cliff"? It's the term being used by many to describe the unique combination of tax increases and spending cuts scheduled to go into effect on January 1, 2013. The ominous term reflects the belief by some that, taken together, higher taxes and decreased spending at the levels prescribed have the potential to derail the economy. Whether we do indeed step off the cliff at the end of the year, and what exactly that will mean for the economy, depends on several factors.
Managing Consumer Data Privacy
For today’s digital businesses, being prepared to meet new compliance requirements when storing and managing consumer data will not only minimize risk, but also enable more valued and trusted customer experiences that drive increased loyalty, engagement and revenue. To gain better perspective on this important issue, it’s important to understand:
- The trends driving governmental regulatory shifts and the basic tenets of these new laws
- The challenges faced by executives across the enterprise when managing privacy compliance for consumer data
- The emergence of cloud-based solutions that help businesses manage privacy compliance by acting as end-to-end customer data storage and management solutions that are far more scalable and flexible than legacy systems
Leadership: Legal Counsel's Role in Guiding Through Cybersecurity and Data Loss
Shawn Tuma is a cybersecurity lawyer with expertise in data privacy law. He is a partner at Scheef & Stone LLP, a commercial law firm in Texas. Tuma has extensive experience advising businesses on cybersecurity issues and data breaches. He serves on several boards and committees related to cybersecurity law and policy. The document provides an overview of Tuma's background and experience in cybersecurity law.
201 CMR 17.00
This document summarizes an informational breakfast event about complying with Massachusetts identity theft and data security regulations. The event featured presentations from attorneys and consultants on assessing risks, creating a written security program, establishing procedures, and other best practices for businesses to protect personal information and comply with the regulations. It provided an overview of the new regulations, implications for businesses, how to assess security and create a compliance plan, and contact information for organizations that can help or provide free assessments.
By 23 February 2018 we will have new mandatory data breach reporting obligati...
By 23 February 2018 we will have new mandatory data breach reporting obligati...LJ Gilland Real Estate Pty Ltd
The document provides a guide to new mandatory data breach reporting obligations under Australian privacy law. It outlines who is captured under the obligations, what constitutes an eligible data breach, the steps that must be taken in the event of a suspected or confirmed breach, and the potential consequences for non-compliance. Specifically, it notes that organisations with over $3 million annual turnover must report eligible data breaches involving personal information, which involves unauthorised access that would likely result in serious harm. They must assess any suspected breach within 30 days and notify the regulator and affected individuals of any confirmed breach. Failure to comply can result in penalties, compensation orders, and civil litigation.China's, Third Plenum of the 18th Party Congress key decisions
The Communist Party of China concluded the 3rd Plenum of the 18th Party Congress on November 12th, 2013, after four days. The Plenum set the agenda for the government in the next decade. The concluding document contains reform efforts targeting the following fourteen areas:
Benefits buzz january 2017
You may want to wait on compliance with the new OT regulations and we'll look to stay on top of the forthcoming ACA changes as well...
2020 NYS Shield Act Webinar
Get up to date on the NYS Shield Act to learn what you need to know to comply by March 2020.
To watch the webinar recording on-demand check out this link: https://zoom.us/webinar/register/WN_qkaEUTIzQJ6B3MIyKUAHAg
Forecast cybersecurity regulation v3
Regulators Cannot be Viewed as the Leaders in Cybersecurity Strategies. The Challenge Exists just to keep up!
NIST Cybersecurity Requirements for Government Contractors
What is Controlled Unclassified Information (CUI)? What is NIST SP 800-171? How is my project management and accounting system impacted?
Navigating your way through these complex topics can be difficult for any government contractor, but protecting CUI in a non-federal environment is critical. Compliance is required by December 31, 2017.
Join us for this webinar to learn more about:
• What it means to be compliant with NIST SP 800-171
• Documenting your compliance status
• Preparing for audits and/or requests for compliance attestation/reports
• Key CUI requirements
• Suggested NIST processes
• How having the right system and team in place can help you remain compliant
Learn more at: https://www.unanet.com/news/demand-webinars
Splunk: How Machine Data Supports GDPR Compliance
This document discusses the European Union's General Data Protection Regulation (GDPR) and how the log analysis software Splunk can help organizations comply with GDPR requirements. The GDPR aims to strengthen data protection for all EU citizens and applies to any company processing personal data of EU residents. It introduces fines of up to 4% of annual global turnover for violations. Splunk allows organizations to detect, prevent and investigate data breaches, search and report on personal data processing activities to comply with GDPR provisions, and prove that appropriate technical and organizational security measures are in place.
SEC Whistleblower Rules
This document summarizes a presentation on SEC whistleblower rules given by attorneys from Paul Hastings LLP. It discusses the evolution of whistleblower legislation including provisions in the False Claims Act, Sarbanes-Oxley Act, and Dodd-Frank Act. Key points include increased incentives for whistleblowers like monetary awards leading to more tips to the SEC. Open legal issues remain around the extraterritorial application of rules and whether internal reporting is protected. Companies are advised to foster compliance cultures and protect whistleblowers to mitigate risks.
How-to-start-a-captive
The article discusses how captives are increasingly being used by middle market companies as part of their enterprise risk management strategies. Captives allow mid-sized companies to reduce insurance costs, protect some assets, and insure risks not covered by the commercial markets. Some additional benefits of captives for mid-market firms include rewarding employees through ownership and creating tax-efficient claims reserves. The article argues that captives, when properly structured, can help mid-sized businesses holistically manage risks across their organizations in a more integrated manner through their enterprise risk management programs.
ANZSOG 2014 - What business wants from government;Phil Edmands
Phil Edmands, Managing Director of Rio Tinto Australia, discusses what business wants from government when proposing a large mining project. He outlines several key factors: the project must earn an adequate return to justify the large upfront investment; there must be certainty that the expected return will not be disrupted by changes in government policy; and the operating environment must allow for efficient approvals, a balanced fiscal system, protection of investment stability and title rights, and access to necessary inputs like skilled labor and affordable energy. The level of guarantees and protections desired will depend on how mature and stable the overall investment and legal environment is perceived to be.
O massmann protecting the protected_27_aug09
This document summarizes key aspects of Vietnam's labor law from a presentation given by Oliver Massmann, Managing Partner of Duane Morris Vietnam LLC. It begins by noting that Vietnamese labor law is very employee-friendly, influenced by the country's socialist system and transition from a state-run to private sector economy. The document then provides an overview of Vietnam's governing labor laws and regulations covering issues such as recruitment, wages and benefits, data privacy, disputes, and termination. It emphasizes that the labor code aims to strongly protect workers' rights.
UX in Context of Innovation
1) Citi believes that sustainability is good business practice and works closely with clients and partners to finance solutions to climate change such as renewable energy and mitigation efforts.
2) Citi targets $50 billion over 10 years to address global climate change through investments in renewable energy, clean technology, and carbon emission reduction activities.
3) Citi is committed to reducing greenhouse gas emissions from its owned and leased properties by 10% by 2011 and has purchased over 234,000 MWh of carbon neutral power for its operations.
MTBiz Jan-Mar 2013
MTBiz is for you if you are looking for contemporary information on business, economy and especially on banking industry of Bangladesh. You would also find periodical information on Global Economy and Commodity Markets.
Signature content of MTBiz is its Article of the Month (AoM), as depicted on Cover Page of each issue, with featured focus on different issues that fall into the wide definition of Market, Business, Organization and Leadership. The AoM also covers areas on Innovation, Central Banking, Monetary Policy, National Budget, Economic Depression or Growth and Capital Market. Scale of coverage of the AoM both, global and local subject to each issue.
MTBiz is a monthly Market Review produced and distributed by Group R&D, MTB since 2009.
The industrial relations framework review
Overhaul of Queensland industrial relations laws: Queensland state government agencies and public sector human resources and legal staff need to know
Post US Election Privacy Updates & Implications
The United States election on November 3rd will impact the future use of personal information for organizations doing business with US citizens. From presidential results to state propositions, there will be many privacy ramifications, and how we move forward to embrace the new changes is a topic that will bring many perspectives.
Join us as we discuss the implications of the US election, including California’s Proposition 24 which would expand the provisions of the CCPA and what the next administration’s role will be in helping shape the new framework for EU-US data transfers.
-Privacy issues that were included or arose in the 2020 election
-Implications of election outcomes on privacy laws or priorities
-What to watch for in 2021
Similar to New Rules for Cleared Contractors Starting Nov (20)
Leadership: Legal Counsel's Role in Guiding Through Cybersecurity and Data Loss
Leadership: Legal Counsel's Role in Guiding Through Cybersecurity and Data Loss
By 23 February 2018 we will have new mandatory data breach reporting obligati...
By 23 February 2018 we will have new mandatory data breach reporting obligati...
China's, Third Plenum of the 18th Party Congress key decisions
China's, Third Plenum of the 18th Party Congress key decisions
NIST Cybersecurity Requirements for Government Contractors
NIST Cybersecurity Requirements for Government Contractors
ANZSOG 2014 - What business wants from government;Phil Edmands
ANZSOG 2014 - What business wants from government;Phil Edmands
New Rules for Cleared Contractors Starting Nov
- 1. Legal Alert New Rules for Cleared Contractors Starting Nov. 30 November 29, 2016 Earlier this year, the Defense Security Service (DSS) issued new rules for all government contractors that hold facility security clearances. Several of the new rules, which relate to “inside threats,” take effect Wednesday, Nov. 30, 2016. The changes are found in the National Industrial Security Program Operating Manual (NISPOM), and include the following requirements: A written “insider threat” program plan Formal appointment of a senior official to serve as the Insider Threat Program Senior Official (ITPSO) Annual certification of self-inspection, including analysis of inside-threat vulnerability Continuation of the requirement to report relevant and credible information regarding cleared employees A system or process to identify patterns of negligence or carelessness in handling classified information Insider-threat training for employees User activity monitoring on classified information systems Contractors who regularly work with U.S. intelligence agencies may already have implemented some or all of these procedures. But all cleared contractors should use the Nov. 30 deadline as a benchmark requiring a thorough review of their policies and procedures by their facility security officer (FSO) and legal counsel. Resource Attorneys Christian B. Nagel T: +1 703 712 5470 cnagel@mcguirewoods.com J. Patrick Rowan T: +1 202 857 1758 prowan@mcguirewoods.com Ronald L. Fouse T: +1 202 857 1719 rfouse@mcguirewoods.com George J. Terwilliger III T: +1 202 857 2473 gterwilliger@mcguirewoods.com Todd R. Steggerda T: +1 202 857 2477 New Rules for Cleared Contractors Starting Nov. 30 https://www.mcguirewoods.com/Client-Resources/Alerts/2016/11/... 1 of 2 12/6/2016 3:49 PM
- 2. tsteggerda@mcguirewoods.com David G. Dargatis T: +1 703 712 5080 ddargatis@mcguirewoods.com Edwin O. Childs T: +1 202 857 1723 echilds@mcguirewoods.com James J. Holt T: +1 703 712 5465 jholt@mcguirewoods.com The McGuireWoods website provides information of general interest to the public. The website does not offer legal advice about specific situations or problems. You should consult a McGuireWoods lawyer if you have legal issues requiring attention. Nothing on this site creates an express or implied contract. McGuireWoods does not intend to create an attorney-client relationship by inviting you to contact us. Unless and until we and you agree that we will represent you, we will not have any duties to you, including any duty to keep what you send us confidential or any duty to protect your interests. This means that nothing you send us will be kept confidential, unless we mutually agree that we will keep it confidential. Past legal successes described on this website are not indicators of future results. The outcome of particular legal matters is dependent upon the facts and law applicable to the matters. New Rules for Cleared Contractors Starting Nov. 30 https://www.mcguirewoods.com/Client-Resources/Alerts/2016/11/... 2 of 2 12/6/2016 3:49 PM