Yesterday, OMB’s Office of Information and Regulatory Affairs announced that it had received a final rule from the Department of Defense on “DOD Sends DIB Cybersecurity Final Rule to OMB”. The notice of proposed rulemaking (NPRM) for this action was published on May 3rd, 2023.
According to the Fall 2023 Unified Agenda entry for this rulemaking:
“The DIB CS Program currently provides cyber threat information to cleared defense contractors. Proposed revisions would allow all defense contractors who process, store, develop, or transit DoD controlled unclassified information to be eligible for the program and to receive cyber threat information. Expanding participation will allow a broader community of defense contractors to participate in the DIB CS Program and is in alignment with the National Defense Strategy.”
That Unified Agenda entry includes the following risk statement:
“Threats to unclassified
information systems represent a risk of compromise of DoD information and
mission. This threat is particularly acute for
small and medium size companies with less mature cybersecurity capabilities.
Through collaboration with DoD and the sharing with other contractors in the
DIB CS Program, defense contractors will be better prepared to mitigate the
cyber risk they face today and in the future.”
Posts
No comments:
Post a Comment