DoD implements stricter cyber incident oversights, cloud computing guidelines

August 27, 2015 Off By David

Grazed from FierceGovernmentIT. Author: Robert Bartley.

The Defense Department Wednesday initiated two sets of policies to enforce stricter guidelines when dealing with about 10,000 contractors the department trusts with offsite cyber information. One part of the interim rule, called "Defense Federal Acquisition Regulation Supplement: Network Penetration Reporting and Contracting for Cloud Services," will amend the DFARS to include mandates passed in recent Defense funding bills for stricter contractor reporting rules on cyber incidents.

According to the issuance, this is part of a greater effort to streamline contractor incident reports. For their part, the National Defense Authorization Acts from two of the last three years sought to require more DoD oversight on contractor systems during potential cyberattacks. The NDAA from fiscal year 2013 (pdf) requires that cleared defense contractors report network penetrations to DoD…

Following such a report, the act grants DoD personnel access to the equipment for cyber investigation purposes…

CategoryNews

Cisco and OpenDNS: A New Day in Cloud Security

Cloud Computing: VMworld kicks off at Moscone; will VMware appease the faithful?