Since Nov. 30, 2020, all U.S. Department of Defense solicitations, except those for commercial off the shelf items, have included Defense Federal Acquisition Regulation Supplement clause 252.204-7019, to require assessment of contractor compliance with cybersecurity requirements. Additionally, certain solicitations, other than those for commercial off the shelf items, have included DFARS clause 252.204-7021 to phase in the implementation of Cybersecurity Maturity Model Certification, or CMMC, requirements. These clauses were published together on Sept. 29, 2020, as part of an interim rule intended to assess contractor implementation of cybersecurity requirements. There are many questions about what the new interim rule means for contractors, but very little attention has been paid to how the new interim rule may create protest issues during the solicitation period for contracts.
Source:
- Rogers, Joseph, O’Donnell: New DOD Cyber Rules Create Fertile Bid Protest Grounds
