Defense Industrial Base

China dominates the rare earth industry, accounting for approximately 60 percent of rare earth metal mining and approximately 90 percent of rare earth metal processing in 2023. In order to combat this near-monopoly and to limit supply chain vulnerabilities and risk to the US defense industry, a final Defense Federal Acquisition Regulation Supplement (DFARS) rule, published May 30, 2024, applies broader sourcing prohibitions to the language of DFARS 225.7018 and operative clause DFARS 252.225-7052 to prohibit the use and acquisition of magnets mined in China as of January 1, 2027.Continue Reading DOD Releases Final Rule Prohibiting the Acquisition of Certain Magnets from Nonaligned Foreign Nations

For just shy of a decade, the Defense Industrial Base (DIB) has had to operate under rules dictating the safeguarding of Controlled Unclassified Information, along with a strict 72-hour notification requirement if/when/should a “cyber incident” occur. For the uninitiated, these are the requirements found in the Department of Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7012. And for a large swath of government contractors, these requirements have been more bane than benefit, as many have struggled to meet the DFARS’ stringent requirements.

Well, critical infrastructure industry, welcome to the party! Soon, companies involved in all sectors of critical infrastructure will need to comply with new federal reporting requirements for cybersecurity incidents and ransom payments after President Joe Biden signed The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (the Act) into law on March 15, 2022. Tied to an omnibus appropriations package, the Act requires entities involved in critical infrastructure to report cyber incidents to the Cybersecurity and Infrastructure Security Agency (CISA) within 72 hours and any paid ransom demands within 24 hours. While these new reporting obligations will not become effective until CISA promulgates rules to further define requirements, as the DIB’s effort has demonstrated, it would be wise to examine best practices in incident response plans to begin sooner rather than later.Continue Reading Critical Infrastructure Industry Drafted: Welcome to the Cyber War

Each year, Congress presents us in Title VIII of the National Defense Authorization Act (NDAA) a potpourri of procurement reforms, changes, and additions. Some are effective immediately, while some are bound for rulemaking and regulation and surface years from enactment. Some require analyses, reports, and studies which have no immediate impact but provide a roadmap that can and should be used by government contractors in their business planning. Finally, some provisions of the NDAAs just wither away and have no impact whatsoever. Nineteen days before the Trump Administration ended, the US Senate followed the US House of Representatives in overriding the President’s veto of the William (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021 (H.R. 6395) (FY2021 NDAA), making it law on January 1, 2021.  Happy New Year! As for its Title VIII, the FY2021 NDAA is no different from its predecessors in its procurement potpourri. Here’s a tour of key provisions you oughta know.
Continue Reading Here to Remind You of the Key Provisions of the Fiscal Year 2021 National Defense Authorization Act – You Oughta Know!