On September 28, 2017, the Defense Security Service (DSS), part of the U.S. Department of Defense, issued a directive to all government contractors with information systems under its control to remove Kaspersky Lab software from all DSS-authorized information systems. DSS oversees the National Industrial Security Program (NISP).
On December 30, 2015, the U.S. Department of Defense issued a new interim rule about implementing a previously issued interim rule about cyber security. The new interim rule gives government contractors and subcontractors more time to implement security requirements.
On October 30, the U.S. Department of Defense (DoD) issued a final rule governing supply-chain risk and government procurement. This final rule replaces the interim rule issued on November 28, 2013.