Export Regulations & Cyber Compliance

What is Cyber Compliance?

In the context of this article, “Cyber Compliance” means ensuring the location, access and transfer of export-regulated data in IT networks and systems complies with export regulations. Cyber Compliance requires companies integrate export control requirements into IT architecture, administration and use.

Cyber Compliance differs from Cyber Security in that an environment may be secure, but not compliant. For example, if secure IT infrastructure is located in another country, housing export-regulated data within could result in an export violation. more “Export Regulations & Cyber Compliance”

A Systematic Approach to Controlled Technical Data

NextLabs routinely advises customers whose businesses handle Controlled Technical Data (CTD) such as ITAR, EAR, and data controlled by non-US Jurisdictions, to take a proactive, systematic approach to managing CTD throughout its lifecycle. Many of these enterprises have been in business for a number of decades, during which time they have created substantial CTD organically, and acquired additional CTD through various business transactions and transformations. The CTD routinely spans every type of electronic storage that has ever been used in the enterprise. A portion of this CTD, in some cases a substantial portion, has reached Legacy CTD status, which means that it is no longer actively used in the normal business operations of the enterprise. more “A Systematic Approach to Controlled Technical Data”

DFARS: Where is my Unclassified Controlled Technical Data?

By Dennis Andrie, Director of Professional Services and Support at NextLabs

In our last blog post on the Defense Acquisition Regulations System (DFARS) Subpart 204.73 and associated contract clause 252.204-7012, Safeguarding of Unclassified Controlled Technical Information, we discussed actions that companies must act upon to protect Unclassified Controlled Technical Information when they contract or subcontract with the U.S. Government in order to be in compliance with government contracts. more “DFARS: Where is my Unclassified Controlled Technical Data?”

DFARS Subpart 204.73 – SAFEGUARDING UNCLASSIFIED CONTROLLED TECHNICAL INFORMATION

By Dennis Andrie,

On November 18, 2013, The Defense Acquisition Regulatory Council (DARC) issued its final ruling for Defense Acquisition Regulations System (DFARS) Subpart 204.73 and associated contract clause 252.204-7012, Safeguarding of Unclassified Controlled Technical Information.The new subpart presents a high level guide to actions that need to be undertaken by companies that contract or subcontract with the U.S. Government to protect Unclassified Controlled Technical Information in the course of executing the U.S. Government contracts. more “DFARS Subpart 204.73 – SAFEGUARDING UNCLASSIFIED CONTROLLED TECHNICAL INFORMATION”

A “Cheat Sheet” on the Obama Export Control Reforms

By Gary Stanley.

The initial Obama export control reforms became effective on Oct 15th.  Although these reforms promise less licensing, they come at the price of more complex controls and more extensive record keeping.  The new rules must be approached in a systematic manner.   Here’s a “cheat sheet” to help you take advantage of these significant changes to U.S. export and re-export controls. more “A “Cheat Sheet” on the Obama Export Control Reforms”

Export Control Reform – Are you Ready?

By E.K. Koh.

Parts of the US Export Control Reform went into effect on October 15th, 2013.  Are you ready?

The current system has two different control lists administered by two different departments, Commerce and State, and there are three primary export licensing agencies, Commerce, State, and the Treasury.  A multitude of agencies – Commerce, Defense, Homeland Security, Justice, State, and the Treasury – each have authority to investigate and/or enforce some or all of the export controls, each using separate IT systems that do not intercommunicate. more “Export Control Reform – Are you Ready?”

Export Control in the News: AeroFlex’s ITAR Settlement and Standards for Export Compliance

The latest A&D news: Aeroflex’s $8 million dollar settlement with the U.S. Department of State for violations of the Arms Export Control Act (AECA) and the International Traffic in Arms Regulations (ITAR).

The State Department reported it conducted an “extensive compliance review” and discovered “inadequate corporate oversight and a systemic and corporate-wide failure” which resulted in unauthorized exports and re-exports of electronics, microelectronics and related technical data that are subject to ITAR. more “Export Control in the News: AeroFlex’s ITAR Settlement and Standards for Export Compliance”

The Politics of Export Control Reform: Why Less Licensing = More Complexity

by Gary Stanley

Just as with past export control reform efforts in the Clinton and Bush II years, the Obama Administration started with the best of intentions to make U.S. export and re-export control rules more straightforward and less burdensome.  Without dispute, it has pushed through broader changes than any of its predecessors.

Like its predecessors’ changes, however, the Obama Administration’s may have reduced the licensing burden, but at the expense of making U.S. export and re-export controls more difficult to understand and administer.  The reason lies in the politics of U.S. export controls. more “The Politics of Export Control Reform: Why Less Licensing = More Complexity”