FAR Cyber compliance proposal: Requirements and Implications

Executive Order 14028 — Executive Order on Improving the Nation’s Cybersecurity — kicked off a series of actions with the goals of:

• improving information sharing between the Government and private sector,

• modernizing and strengthening cybersecurity standards in Federal agencies and

• improving the software supply chain

On October 3rd, the Department of Defense (DoD), General Services Administration (GSA), and NASA proposed a set of changes to the Federal Acquisition Regulation (FAR) to implement the requirements originating from EO14028.

These requirements are open for written comments until December 4th, 2023.

Proposed changes create new compliance obligations for a large number of federal contractors.

Let’s dig in!