In the past two months, the federal government has issued several cybersecurity-related regulations that are or will be directly or indirectly applicable to a wide variety of federal contractors and subcontractors. Additional rules (including a blanket FAR provision) are expected, but the three rules below present an interrelated set of requirements and standards that federal contractors and their supply chain need to understand. We note that these are complex and interrelated regulations, and our discussion is a high-level look at the key issues involved, not a comprehensive assessment of the implications of each rule. Contractors are encouraged to review these rules in their entirety. For more information, please see our advisory.