Comments on Proposed DOD Cybersecurity, Contractor Rule Changes Due Oct. 26
The Department of Defense issued a proposed interim rule on cyber incidents. It would amend the Defense Federal Acquisition Regulation Supplement (DFARS) to implement a section of the National Defense Authorization Act for FY 2013 and a section of the…
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
National Defense Authorization Act for FY 2015, both of which require contractor reporting on network penetrations, said a DOD notice in Wednesday's Federal Register. “This interim rule requires contractors and subcontractors to report cyber incidents that result in an actual or potentially adverse effect on a covered contractor information system or covered defense information residing therein, or on a contractor's ability to provide operationally critical support,” the Pentagon said. “Cyber incidents involving classified information on classified contractor systems will continue to be reported in accordance with the National Industrial Security Program Operating Manual.” Comments are due Oct. 26.