Georgia Tech Procurement Assistance Center

  • Home
  • About Us
  • Training
    • Class Registration
    • On-demand Training
    • GTPAC COVID-19 Resource Page
    • Veterans Verification Video
    • Other Training Audio & Video
  • Useful Links
  • Team Directory
    • Albany Counselor
    • Atlanta Counselors
    • Augusta Counselor
    • Carrollton Counselor
    • Columbus Counselor
    • Gainesville Counselor
    • Savannah Counselor
    • Warner Robins Counselor
  • Directions
    • Atlanta – Training Facility
    • Atlanta – Office
    • Albany
    • Augusta
    • Carrollton
    • Columbus
    • Gainesville
    • Savannah
    • Warner Robins
  • COVID-19
  • New Client Application
  • Contact Us

Critical changes for contractors working with classified information

March 22, 2021 By Andrew Smith

Two significant changes are underway by the Defense Counterintelligence and Security Agency (DCSA) – both of which require the immediate attention of businesses that hold a U.S. security clearance or are in the process of applying for a clearance.

The first change is the codification of the National Industrial Security Program Operating Manual (NISPOM).  As background, the NISPOM has been the key guidance for protecting classified and certain other controlled information in accordance with the National Industrial Security Program (NISP) as currently overseen by the DCSA.

Continue reading at:  JD Supra

Filed Under: Contracting Tips Tagged With: classified information, NISPOM

The NISPOM is becoming a regulation and contractors have six months to comply

March 15, 2021 By Andrew Smith

On December 21, 2020, the Department of Defense (“DoD”) published a final rule in the Federal Register that codifies the National Industrial Security Program Operating Manual (“NISPOM”) in the Code of Federal Regulations (“CFR”) at 32 CFR part 117.  The rule became effective on February 24, 2021, giving contractors six months from the effective date to comply with the changes.  

The NISPOM establishes various requirements and standard procedures for the protection of classified information disclosed to or developed by government contractors.  It was first published in 1995 as DoD Manual 5220.22, and was intermittently updated through the years including (most recently) via Conforming Change 1 on March 28, 2013, and NISPOM Change 2 on May 21, 2016.  In addition to adding the NISPOM to the CFR, the new rule will incorporate the requirements of Security Executive Agent Directive (“SEAD”) 3, “Reporting Requirements for Personnel with Access to Classified Information or Who Hold a Sensitive Position” (available here), and will implement the provisions of Section 842 of the 2019 National Defense Authorization Act (“NDAA”) (Public Law 115-232) (both of which are discussed below).

Continue reading at:  Sheppard Mullin

Filed Under: Contracting Tips Tagged With: classified information, DoD, NISPOM

Federal contractor sentenced for removing and transmitting classified materials

August 24, 2018 By Andrew Smith

Reality Winner was sentenced yesterday to five years and three months in prison for removing classified national defense material from a government facility and mailing it to a news outlet.

Winner was arrested by the FBI at her home in Augusta, Georgia on June 3, 2017.  The parties filed a plea agreement on June 21, in which Winner agreed to plead guilty to the one-count indictment charging her with unlawful retention and transmission of national defense information.  The parties agreed that a sentence of imprisonment for 63 months followed by a three-year term of supervised release is the appropriate disposition of the case.  The Court accepted the plea agreement at sentencing.

Winner was a contractor assigned to a unit of Fort Gordon in Georgia. She had been employed at the facility since on or about Feb. 13, 2017, and held a TOP SECRET//Sensitive Compartmented (SCI) clearance during that time.  Prior to that position, Winner had served in the U.S. Air Force from 2010-2016 and held a TOP SECRET//SCI security clearance.

  • Evidence presented at the change of plea hearing established that on or about May 9, 2017, Winner printed an intelligence report that was classified at the TOP SECRET//SCI level, and she removed it from the facility where she worked.  Information may be classified as TOP SECRET if its unauthorized disclosure can reasonably be expected to cause exceptionally grave damage to the national security of the United States.
  • Later on May 9, Winner unlawfully transmitted a hard copy of the intelligence report to an online news outlet. The intelligence report revealed the sources and methods used to acquire the information contained in the report, which, if disclosed, would be harmful to the United States and valuable to our adversaries.

Indeed, Winner, in an interview with the FBI on June 3, 2017, admitted knowing at the time she stole and transmitted the intelligence report that it contained information about intelligence sources and methods, which information she knew was valuable to adversaries of the United States.  Further, the information contained in the intelligence report had not been released to the public at the time Winner retained it and transmitted it to the online news outlet.  Winner, who had received training regarding the proper handling, marking, transportation, and storage of classified information, knew that she was not permitted to remove the intelligence report from the facility where she worked, retain it, or transmit it to the news outlet.

The investigation of this case was conducted by the FBI.

Source: https://www.justice.gov/opa/pr/federal-government-contractor-sentenced-removing-and-transmitting-classified-materials-news

See earlier article on this subject at: https://gtpac.org/2018/06/30/contractor-employee-pleads-guilty-to-espionage-in-connection-with-nsa-data-leak/

Filed Under: Contracting News Tagged With: classified information, DOJ, espionage, Espionage Act, FBI, Ft. Gordon, Justice Dept., leak, NSA

Contractor employee pleads guilty to espionage in connection with NSA data leak

June 30, 2018 By Andrew Smith

U.S. Air Force veteran Reality Winner — the first person prosecuted by the Trump administration for leaking government information — pleaded guilty Tuesday to espionage for leaking a classified document detailing Russian efforts to hack into state election systems to an online news magazine.

“She pled guilty to willful retention and transmission of national defense information,” said Billie Jean Winner-Davis.

Winner’s lead defense attorney, Baker Donelson partner and former general counsel of the U.S. Department of Homeland Security Joe Whitley, said in a written statement after Winner’s plea, “She has taken this matter seriously, and has made a very difficult decision that will no doubt impact the rest of her life.”

“Obviously, her final sentencing is still pending, and she has a number of conditions and restrictions in her plea agreement that she is committed to honoring,” Whitley said. “However, Reality wishes to thank the numerous individuals and organizations who have supported her through this process.”

Winner, jailed without bond since her arrest more than a year ago at her Augusta, Georgia, home, pleaded guilty as part of a deal with federal prosecutors, who recommended a 63-month sentence followed by three years of supervised release, Winner-Davis said.

Keep reading this article at: https://www.law.com/dailyreportonline/2018/06/26/reality-winner-pleads-guilty-to-espionage-faces-potential-5-year-sentence/

Filed Under: Contracting News Tagged With: classified information, espionage, Espionage Act, Ft. Gordon, leak, NSA

Company that used Russian coders for Pentagon project strikes deal

December 19, 2017 By Andrew Smith

Russian developers did some of the coding work for a Defense Department software system and stored that code inside a server in Moscow, according to a non-prosecution agreement released Monday.

Those Russian coders only worked on unclassified portions of the Defense Information Systems Agency project, but, in some cases, knew they were helping to develop a highly sensitive system that would attach to Defense Department information networks, according to the agreement between the Justice Department and Netcracker Technology Corp., the subcontractor that hired the Russian coders.

The non-prosecution deal ends a criminal investigation against Netcracker that was led by the Justice Department’s national security division and the U.S. Attorney’s Office for the Eastern District of Virginia.

Keep reading this article at: http://www.nextgov.com/cybersecurity/2017/12/company-used-russian-coders-pentagon-project-strikes-deal/144466/

Filed Under: Contracting News Tagged With: classified information, DHS, DoD, DOJ, investigation, Justice Dept., Russia, software

Counterintelligence chief: Contractors ‘kicking butt’ in combating insider threats

April 14, 2017 By Andrew Smith

Though some of the most damaging exposures of classified material have come from companies working for the federal government in recent years, the intelligence community’s 100,000 contractors overall “are kicking butt” in helping agencies head off insider threats, the nation’s top counterintelligence chief said on Monday.

Anticipating threats “is a team sport,” Bill Evanina, the government’s national counterintelligence executive, told a gathering of the Intelligence and National Security Alliance, a nonprofit group made up of contractors and former intelligence officials. “The only way to win is a partnership, a whole-of-government, whole-of-country approach” that includes contractors and the news media as well.

“We have to get back to patriotism,” he said.

Despite incidents involving National Security Agency contractors such as Edward Snowden and Howard Martin, “we need to eliminate with urgency the idea that most insider threats are contractors,” Evanina said. “There’s no evidence” either for that, he said, or for the common notion that “millennials want to be leakers.”

Keep reading this article at: http://www.govexec.com/defense/2017/04/counterterrorism-chief-contractors-kicking-butt-combating-insider-threats/136904

Filed Under: Contracting News Tagged With: CIA, classified information, Commerce Dept., counterintelligence, DHS, FCC, insider threats, NSA, OPM, Treasury Dept.

Contractors need clarity on handling federal data, says IT alliance

April 4, 2017 By Andrew Smith

Discrepancies and deficiencies in the way various rules designate and govern covered defense information and controlled unclassified information can impact how contractors protect confidential government information.

In a white paper prepared by associate member Rogers Joseph O’Donnell, the IT Alliance for Public Sector looked at the scope, implementation, compliance tools and inconsistencies of regulatory constructs and requirements to safeguard federal data and information.

Keep reading this article at: http://www.federaltimes.com/articles/contractors-need-clarity-on-handling-federal-data-says-it-alliance

 

Filed Under: Contracting News Tagged With: classified information, controlled unclassified information, DoD, information security, NIST

Final rule beefs up mandates for contractor information systems security

May 24, 2016 By Andrew Smith

Federal RegisterA new final rule four years in the making will amend the Federal Acquisition Regulations, or FAR, with new sections on the basic safeguarding of contractor information systems.

The rule, published on May 16, 2016 in the Federal Register and issued by the Defense Department, General Services Administration and NASA, will add a subpart and contract clause on contractor systems that process, store or transmit federal contract information, and calls on contractors to apply a minimum of 15 security control requirements.

This type of information is not intended for public release and excludes information that the government provides to the public or that is related to processing payments.

The focus of the rule is on a basic level of safeguarding, and contractors still have to comply with safeguarding requirements for protecting controlled unclassified information, or CUI. “Systems that contain classified information, or CUI, such as personally identifiable information, require more than the basic level of protection,” the rule stated.

Keep reading this article at: http://www.fiercegovernmentit.com/story/final-rule-beefs-mandates-contractor-information-systems-security/2016-05-17

Filed Under: Contracting News Tagged With: classified information, contractor information system, controlled unclassified information, CUI, cybersecurity, data security, FAR, Federal Register, IT, safeguarding information, security, security control, technology

Doing business with the government? What you should know about cybersecurity

June 15, 2015 By ei2admin

Government contractors are in a difficult position when it comes to cybersecurity. Not only do they need to worry about cybersecurity issues that affect almost every company, but they also often house sensitive government data that can carry additional obligations.

cyber securityFurther, the very fact that they have access to this information, and their relationship to the U.S. government, makes them an attractive target for malicious efforts. Escalating these concerns, not only are contractors with sensitive information prime targets for standard hackers trying to prove their worth, but they are also in the cross-hairs for attacks sponsored by countries hostile to the United States or interested in obtaining technology otherwise prohibited to them.

The U.S. government recognizes this threat and has responded in two major ways. The first is to impose additional cybersecurity responsibilities on contractors who have access to sensitive data. While the goal of these additional obligations is to harden security to protect data, their parameters are not always apparent and can be easily misunderstood. Just identifying what a contractor is expected to do can be a challenge. The second element of the government’s approach is to assist in combating cyber attacks by offering to work with companies, including contractors, who find themselves victims. This help can be invaluable, especially for sophisticated and persistent state-sponsored cyber threats. It also raises additional issues, however, and many companies are justifiably suspicious of opening their information technology systems to the government.

In this Commentary, we highlight the aligned and competing priorities of the government and companies in this space. We discuss some of the main requirements imposed on contractors that go above and beyond those required of standard companies. We also delve into practical considerations for government contractors in this area and developing trends.

Keep reading this article at: http://www.mondaq.com/article.asp?articleid=402096

Filed Under: Contracting Tips Tagged With: classified information, cybersecurity, data security, sensitive information

Contractors could get new rules for handling sensitive government data

April 14, 2015 By ei2admin

Private sector government contractors may soon be subjected to new rules for managing sensitive federal information.

The National Institute of Standards and Technology (NIST) recently published draft requirements for federal and nonfederal groups with access to “controlled unclassified information” — a subset of confidential information that, while not classified, must still be protected. The Commerce Department agency is accepting public comments on the draft until May 12, 2015.

These requirements are meant to supplement rules under the Federal Information Security Management Act, which governs how federal agencies (and contractors, on their behalf) manage their own data in their own information systems, according to NIST fellow Ron Ross.

The new guidance aims to cover situations not explicitly mentioned in FISMA — for instance, when state and local governments, colleges and universities, or private organizations happen to receive federal CUI data through a contract or an agreement.

Keep reading this article at: http://www.nextgov.com/big-data/2015/04/nist-refining-rules-non-federal-groups-handling-federal-data/109399

Filed Under: Contracting News Tagged With: classified information, data, NIST, security, security plan

  • 1
  • 2
  • Next Page »

Recent Posts

  • OMB releases guidance related to small business goals
  • Are verbal agreements good enough for government contractors?
  • OMB issues guidance on impact of injunction on government contractor vaccine mandate
  • CMMC 2.0 simplifies requirements but raises risks for government contractors
  • OFCCP launches contractor portal initiating AAP verification program

Popular Topics

8(a) abuse Army bid protest budget budget cuts certification construction contract awards contracting opportunities cybersecurity DoD DOJ False Claims Act FAR federal contracting federal contracts fraud GAO Georgia Tech government contracting government contract training government trends GSA GSA Schedule GTPAC HUBZone innovation IT Justice Dept. marketing NDAA OMB SBA SDVOSB set-aside small business small business goals spending subcontracting technology VA veteran owned business VOSB wosb

Contracting News

OMB releases guidance related to small business goals

OMB issues guidance on impact of injunction on government contractor vaccine mandate

Changes coming to DOD’s Cybersecurity Maturity Model Certification under CMMC 2.0

Judge issues nationwide injunction halting enforcement of COVID-19 vaccine mandate

Nondisplacement of qualified workers is back, but with changes

Read More

Contracting Tips

Are verbal agreements good enough for government contractors?

CMMC 2.0 simplifies requirements but raises risks for government contractors

OFCCP launches contractor portal initiating AAP verification program

GAO rules that DoD may not require small business Joint Venture itself hold facility security clearance

Terminations for convenience clauses vs. mutual termination clauses

Read More

GTPAC News

VA direct access program events in 2022

Sandia National Laboratories seeks small business suppliers

Navy OSBP hosting DCAA overview (part 2) event Jan. 12, 2022

Navy OSBP hosting cybersecurity “ask me anything” event Dec. 16th

State of Georgia hosting supplier systems training on January 26, 2022

Read More

Georgia Tech News

Undergraduate enrollment growth reflects inclusive excellence

Georgia Tech delivers $4 billion in economic impact to the State of Georgia

Georgia Tech awards first round of seed grants to support team-based research

Georgia Tech announces inaugural Associate Vice President of Corporate Engagement

DoD funds Georgia Tech to enhance U.S. hypersonics capabilities

Read More

  • SAM.gov registration is free, and help with SAM is free, too
APTAC RSS Twitter GTPAC - 30th Year of Service

Copyright © 2022 · Georgia Tech - Enterprise Innovation Institute