Earlier this month, the Department of Defense, General Services Administration, and the National Aeronautics and Space Administration introduced two draft changes to the Federal Acquisition Regulation (FAR). These proposals, aimed primarily at enhancing the cybersecurity of government information systems, arose in response to Executive Order 14028 on Improving the Nation’s Cybersecurity, issued by the White House in 2021. This initiative seeks to standardize the cybersecurity requirements across all agencies and enforce incident reporting obligations on contractors.
As these revisions are only proposed at this stage, it’s critical for law firms and corporations to monitor the development, as the resulting regulations could significantly affect their operation if enacted. Contractors may face new responsibilities and liabilities under the proposed changes, altering the landscape of regulatory compliance in government contracts. The proposed standardization of cybersecurity requirements could also lead to greater uniformity and predictability, potentially streamlining compliance efforts for contractors.
Law firms and corporations that specialize in government contracting should prepare for these potential changes, assessing their current cybersecurity measures in light of the proposed regulations, and developing contingency plans to ensure compliance if the suggested revisions are implemented.
To learn further about these proposed FAR revisions, consider the detailed explanation available at JD Supra provided by King & Spalding.