Fed Contractors: Implement Cyber Standards

To Fed Contractors:

“DOD is facing the same threats that you are. And with these regulations, we are asking to implement some of the same defenses as we are implementing for the department’s networks”. – Acting DOD CIO John Zangardi

DoD message to Fed Contractors

Defense contractors have until the end of calendar year 2017 to begin complying with a new Pentagon regulation: “Safeguarding Covered Defense Information and Cyber Incident Reporting,”

As described in the National Archive and Records Administration’s Controlled Unclassified Information (CUI) Registry “… unclassified controlled technical information or other information” contractors must provide “adequate security” hold on their networks or systems.

At the opening of DoD industry day, addressing the updated regulation that requires all vendors who do business with the department, Zangardi said “It relates directly to what we’re asking you to do today: these include information sharing, building bridges to the private sector and developing and implementing private sector exchange programs, and last but not least, improving accountability and responsibility for the protection of data across DoD and the defense industrial base.”


Cyberespionage and ransomware attacks are on the increase warns the Verizon 2017 Data Breach Investigations Report


In order to “adequately protect” U.S. national security US Department of Defense FISCAL YEAR 2018 BUDGET REQUEST is $639.1 billion.

While the technology side of things is more behind the scenes than the big-ticket programs and systems, it did get a boost in the 2018 request — including a nearly 6 percent increase over 2017 in science and technology spending at $13.2 billion. Big winners there include the Defense Advanced Research Projects Agency ($3.1 billion), “robust basic research” ($2.2 billion) and the Strategic Capabilities Office ($1.2 billion for “three primary focus areas: enabling systems to cross or blur domains, creating teams of manned and autonomous systems, and leveraging enabling commercial designs and technologies”). – “New DoD budget to rebuild readiness, advance tech” C4ISRNET May 23, 2017

The DoD has increased and heightened cybersecurity measures in the recent years and the DoD is requiring their industry partners and vendors to heighten their own networks and systems. The message was clear to Fed Contractors “The cyberthreat is not going away; we have to defend our networks and systems, and you’re part of that defense”

Published on Jun 19, 2017
The Defense Federal Acquisition Regulation Supplement (DFARS) is a supplement to the FAR that provides Department of Defense-specific acquisition regulations that DoD government acquisition officials and contractors doing business with DoD must follow in the procurement process for goods and services. This session will discuss the implications for meeting DFARS in the cloud and provide practical guidance on how DoD and defense contracting organizations can meet DFARS requirements using AWS GovCloud (US). The session will also feature a customer use case on addressing DFARS in AWS GovCloud (US).

Please follow and like us: