News

Aerospace & Defense Insights | Part 2: Proposed cybersecurity FAR rules for government contractors

26 October 2023

Through Aerospace and Defense Insights, we share with you the top legal and political issues affecting the aerospace and defense (A&D) industry. Our A&D sector team monitors the latest developments to help our clients stay in front of issues before they become problems, and seize opportunities in a timely manner.

This publication presents Part 2 of our A&D Insights series covering the two recently proposed Federal Acquisition Regulation (FAR) Council rules addressing (1) the standardization of cybersecurity contractual requirements across Federal agencies for unclassified Federal information systems (FAR Case 2021-019), and (2) cyber threats and incident reporting and information sharing requirements for government contractors FAR Case 2021-017). In Part 1 of our series, we addressed the proposed standardization of cybersecurity contractual requirements.

This Part 2 focuses on the proposed rule to impose new requirements concerning cyber threat and incident reporting and information sharing. As discussed in more detail below, the rule will impact a significant number of government contractors and impose more expansive requirements than what we have seen in the acquisition regulations to date.