In response to a number of recent high-profile cyber attacks aimed at federal agencies, President Biden issued an Executive Order on Improving the Nation’s Cybersecurity (EO) on May 12, 2021. The EO which created a new Cyber Safety Review Board to review major cyber incidents and requires information and communications technology (ICT) service providers entering into contracts with the government to report data breaches. Agencies are mandated to provide their recommendations to the FAR Council within 60 days of the order, after which the FAR Council will make its proposed changes to the Federal Acquisition Regulations (FAR) within another 90 days. Contractors should act swiftly to review and provided comments proposed changes to as they are published and to ensure that any concerns about complying with the new requirements are presented to those tasked with implementing this EO.
Our recent client alert summarizes the new Executive Order and provides recommendations for entities that will be impacted by these sweeping new requirements.