The U.S. Government is renewing its focus on mitigating technological risks by regulating the supply chain for various goods and services. To achieve these goals, Congress and agencies have introduced, and in some cases enacted, legislation and regulations that direct agencies to identify, assess, and mitigate supply chain risks generally as well as prohibit agencies
On Monday, 7 July, the president signed into law the Intelligence Authorization Act for Fiscal Year (FY) 2014 (Pub. L. 113-126), which requires intelligence contractors with security clearances to promptly report network and information system penetrations and provide government investigators access to such systems. This new statutory cybersecurity reporting requirement for cleared intelligence contractors is largely consistent with a reporting requirement applicable to cleared U.S. Department of Defense contractors under the National Defense Authorization Act for FY 2013.
On 6 February 2013, U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) issued guidance regarding the impact of section 504 of the Iran Threat Reduction and Syria Human Rights Act (ITRA). As previously reported in our Iran-related client alerts and blog entries, ITRA was enacted on 10 August 2012 and imposed a number of
On December 18, 2012, the House and Senate released the Conference Report for the National Defense Authorization Act for Fiscal Year 2013 (“2013 NDAA”). In addition to authorizing the Department of Defense budget and expenditures, the 2013 NDAA will clarify requirements that limit subcontracting under small business subcontracts, provide small businesses the opportunity to limit
Earlier this week, the Senate-House Conference Committee Report on the National Defense Authorization Act for Fiscal Year 2013 (NDAA) was released. As we reported here, the Senate’s original version of the NDAA  would expressly permit access to contractor internal audit reports by the Defense Contract Audit Agency (DCAA). The House’s original version of the
The United States and European Union have continued to impose or propose additional sanctions and restrictive measures targeting certain dealings with Iran or with designated persons and entities. These developments include: (1) a recent decision by the Council of the European Union (EU) to require financial messaging providers to discontinue communication services to certain Iranian financial institutions, which