In response to a chorus of implementation questions raised by the contracting community, the US Department of Defense (DoD) has announced an industry information day, during which contractors who have questions or wish to provide feedback regarding DoD’s Network Penetration Reporting and Contracting for Cloud Services final rule can raise those questions. On April 5, 2017, DoD published a notice of meeting in the Federal Registerannouncing the “Industry Information Day” on June 23, 2017.
The public meeting will address the implementation of DFARS Case 2013-D018, and the associated DFARS clauses, including DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting (Oct. 2016). The final rule, published October 21, 2016, finalized an interim rule mandating that both prime and subcontractors safeguard covered defense information, report on network penetrations, and require adequate security from external cloud computing services. We have previously analyzed these new requirements.
The industry day announcement is an important reminder to contractors of the upcoming December 31, 2017, deadline for implementing the new security requirements required under the final rule to qualify for new DoD awards. The event will be held on Friday, June 23, from 9 a.m. to 1 p.m. at the Mark Center Auditorium in Arlington, VA. Any contractors with questions or feedback about the rule’s requirements or implementation should attend. The registration deadline is June 12, 2017. Contractors may register via email at: OSD.DIBCSIAEvents@mail.mil. DoD will accept written questions until May 1 at the same address, and contractors grappling with various implementation questions are encouraged to submit questions in advance.
For additional details regarding the Industry Information Day, registration and process for submitting questions, please consult the meeting notice.