Comments on Proposed DOD Cybersecurity, Contractor Rule Changes Due Oct. 26
The Department of Defense issued a proposed interim rule on cyber incidents. It would amend the Defense Federal Acquisition Regulation Supplement (DFARS) to implement a section of the National Defense Authorization Act for FY 2013 and a section of the…
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
National Defense Authorization Act for FY 2015, both of which require contractor reporting on network penetrations, said a DOD notice in Wednesday's Federal Register. “This interim rule requires contractors and subcontractors to report cyber incidents that result in an actual or potentially adverse effect on a covered contractor information system or covered defense information residing therein, or on a contractor's ability to provide operationally critical support,” the Pentagon said. “Cyber incidents involving classified information on classified contractor systems will continue to be reported in accordance with the National Industrial Security Program Operating Manual.” Comments are due Oct. 26.