DoD established new cybersecurity regulations for contractors Dec. 31, 2017

Published

On Dec. 31, 2017, the Department of Defense (DoD) established new cybersecurity regulations for contractors. Contractors must meet these new standards, or risk losing DoD contracts.

In general, contractors must assess their information systems, develop a security plan and create an action plan to deal with cyber threats.

These security controls must be implemented at both the contractor and subcontractor levels. In particular, the new regulations require contractors to:

  • Assess and report damage caused by cyber incidents
  • Identify, isolate and handle malicious software
  • Preserve and protect all media involved in a cyber incident
  • Provide DoD with access to information or equipment
  • Ensure all subcontractors comply with these requirements.

image of PTAC contracting guidelines

For further assistance complying with DoD’s cybersecurity requirements, please contact a MO PTAC procurement counselor.

Video and template funded through a cooperative agreement with the Defense Logistics Agency and created with the support of the Georgia Institute of Technology. The content of the video presentation does not necessarily reflect the official views of or imply endorsement by the U.S. Department of Defense, the Defense Logistics Agency or Georgia Tech.