Friday, December 8, 2023

DOD Sends DIB Cybersecurity Final Rule to OMB

Yesterday, OMB’s Office of Information and Regulatory Affairs announced that it had received a final rule from the Department of Defense on “DOD Sends DIB Cybersecurity Final Rule to OMB”. The notice of proposed rulemaking (NPRM) for this action was published on May 3rd, 2023.

According to the Fall 2023 Unified Agenda entry for this rulemaking:

“The DIB CS Program currently provides cyber threat information to cleared defense contractors. Proposed revisions would allow all defense contractors who process, store, develop, or transit DoD controlled unclassified information to be eligible for the program and to receive cyber threat information. Expanding participation will allow a broader community of defense contractors to participate in the DIB CS Program and is in alignment with the National Defense Strategy.”

That Unified Agenda entry includes the following risk statement:

“Threats to unclassified information systems represent a risk of compromise of DoD information and mission. This threat is particularly acute for  small and medium size companies with less mature cybersecurity capabilities. Through collaboration with DoD and the sharing with other contractors in the DIB CS Program, defense contractors will be better prepared to mitigate the cyber risk they face today and in the future.”

No comments:

/* Use this with templates/template-twocol.html */