Cybersecurity and data privacy have been increasing focal points for Congress, federal agencies, and contractors in recent years. We have been tracking these developments closely and expect these trends will only intensify in the coming years. Cybersecurity awareness and preparedness are critical for federal contractors, not just as a matter of compliance, but also to gain (or avoid losing) a competitive advantage. The U.S. Department of Defense (DoD) is moving forward with cybersecurity as the fourth pillar of its acquisition decision-making, and civilian agencies are increasingly following DoD’s lead by including cybersecurity as an evaluation factor in solicitations and contract awards. The General Services Administration (GSA), for one, has new cybersecurity rules in the works and will make more regular use of cybersecurity in its source selection decisions this year.
The integral and growing role that cybersecurity and data privacy requirements play for federal contractors led us to form our new Cybersecurity and Data Privacy Practice, which we are proud to launch this year. PilieroMazza’s Cybersecurity and Data Privacy Practice pulls together lawyers from across all of our practice groups to advise and assist clients with a comprehensive approach to managing cybersecurity, information privacy, and data protection risks; establishing compliant and effective safeguards; and responding to cybersecurity and privacy incidents when they do occur.
This practice provides a broad range of services to federal contractors and commercial firms, including analysis of cybersecurity compliance under the NIST Framework; review and development of information security programs, including preparation of employee and personnel related handbooks and training; data breach incident response policies and procedures, tabletop exercises, and management training; assistance with breach response management, including governmental and customer notifications, governmental investigations, and audits; breach litigation strategy and defense, including class action and shareholder derivative suit defense; cybersecurity diligence and negotiation in mergers, acquisitions, and other corporate transactions; review and development of contract templates and federal contract “flow down” provisions to address cybersecurity requirements applicable to vendors; preparation and submission of variance requests, requests for equitable adjustment, and contract claims to procuring agencies related to cybersecurity requirements in federal contracts, and much more. Click here to learn more about our new Cybersecurity and Data Privacy Practice.
We are also rolled out a new Cybersecurity Compliance Check-Up. The Check-Up is a unique flat-rate offering for federal contractors designed to provide a quick assessment of the federal cybersecurity requirements applicable to your company, your current level of compliance, and steps to take to fill any gaps in your current cybersecurity practices. Click here to learn more about the Check-Up.
Finally, we will be hosting "Gaining a Competitive Advantage Through Cyber, Data, & Personnel Security" live event on June 5, 2019 in in the Washington, DC area. Click here for more details.