DFARS Cybersecurity Webinar Series #15
DFARS INTERIM RULE: A LEGAL PERSPECTIVE WITH BOB METZGER
This webinar was broadcast on Wednesday, November 18, 2020
Synopsis
With the DFARS Interim Rule set to take effect on November 30, 2020, it's critical to understand the contractual duties, legal liabilities and potential impacts that your company may encounter. Bob Metzger, head of the Washington DC office of contract law specialists RJO, is a leading industry analyst with expertise in Federal/DoD contractor cybersecurity regulations, including FAR 52.204-21, DFARS 252.204-7012, NIST related standards, Cybersecurity Maturity Model Certification (CMMC) and the new DFARS Interim Rule. He’s the co-author of the MITRE "Deliver Uncompromised" report and will share his legal perspective on the DFARS Interim Rule as well as the impacts on prime contractors, subcontractors and suppliers. After the new rule takes effect, new solicitation and contract requirements will apply to Primes (and their suppliers) who handle Controlled Unclassified Information (CUI) and are subject to NIST SP 800-171. Specifically, to receive a contract subject to these new rules, contractors must officially submit to DoD’s Supplier Performance Risk System (SPRS), at a minimum, a NIST 800-171 Basic Assessment Report that reflects their self-assessment against the 110 controls of SP 800-171, as well as the date when they expect to satisfy all requirements of -171. Bob will discuss how DoD Contracting Officers can use these Assessment Reports to determine contractor "responsibility" or evaluation criteria on bids as well as the potential False Claims Act (FCA) liabilities that may be created by these reports.
Cybersecurity experts from eResilience will also provide strategies on how contractors and their subcontractors and suppliers can respond effectively to both the Interim Rule and the upcoming CMMC requirements, to lower the risks and potential negative impacts to their businesses.
Robert Metzger
Defense Contract Law Expert, RJO
Robert Metzger, an attorney in private practice,
heads the Washington, D.C. office of Rogers Joseph O’Donnell, PC,
a firm that specializes in public contracts matters. Bob is
a co-author of the 2018 MITRE
"Deliver Uncompromised" report
considered "highly influential" on U.S. cyber and supply chain
policies and practices, including DoD's Cybersecurity Maturity
Model Certification (CMMC) initiative. As a Special Government
Employee, Bob served on the Defense Science Board task force
that produced the 2017
Cyber Supply Chain Report, which received
the 2018 SANS Institute "Difference Maker" award. He presented
at the
RSA Conference in 2017 and 2018 on IoT security issues
and on supply chain security at RSA Public Sector Day in 2019
and
2020. Publications in 2020 include "Cyber Safety in the
Era of Cyber Warfare", published in The SciTech Lawyer and
featured on the
ABA main page. Bob is recognized for subject
area leadership in cyber, supply chain and related security matters.