Government Contracts & Grants

Cybersecurity and Sensitive Government Data Handling

Government contractors and grantees handle many kinds of sensitive government information, including, but not limited to, controlled unclassified information, covered defense information, and personally identifiable information. This information is required to be protected from unauthorized access through a patchwork of statutes, standards, contract and agreement terms and conditions, and regulatory memoranda. Whether the requirement at issue comes from, among other sources, the Federal Information Security Management Act, National Institute of Standards and Technology, the Federal Acquisition Regulation (FAR) and its supplements (including DFARS clause 252.204-7012), or Office of Management and Budget memoranda, contractors and grantees need to have policies, processes, systems, and tools in place to adequately and effectively address these data and cybersecurity requirements.

The Ankura team of data and cybersecurity experts advises clients on the most effective and risk-appropriate approaches to ensuring that sensitive government data in their possession, custody, or control remains adequately protected from unauthorized access in compliance with applicable requirements. In particular, the Ankura team provides clients with:

  • Sensitive data and cybersecurity governance, risk, and compliance programs
  • Sensitive data identification, mapping, and classification studies
  • Data user and handler policies, processes, and training
  • Insider threat programs
  • Third-party security due diligence and assessments
  • Sensitive data network assessments, mapping, and configurations
  • Security tools assessments
  • Security architecture development, planning, and implementation
  • Network and endpoint monitoring and defense
  • Sensitive data loss prevention tools
  • Breach notifications and incident response
Get in Touch
Michael Garson
Senior Managing Director