HDR farblog
1 minute reading time (265 words)

DoD issues new cybersecurity implementation plan

The U.S. Department of Defense (DoD) has issued a revised Cybersecurity Discipline Implementation Plan. The previous version of the plan was issued in October 2015; the latest edition was released in February 2016.

Although the primary focus of the document is on the duties and responsibilities of commanders and supervisors in the DoD, the document may be useful to government contractors who are considering how to comply with the requirements for securing controlled unclassified information (CUI), as well as information systems provided under contract to the DoD. In fact, the document directs commanders and supervisors to mitigate risks and report cyber readiness for the information systems they own, manage, or lease for mission assurance through the Defense Readiness Reporting System (DRRS). So if a government contractor provides computer services for a DoD mission, the contractor may soon be hearing from DoD about complying with the provisions of this plan. In addition, all contractors should be expecting additional contract provisions about information security that require compliance with the plan.

In addition, the document can be reviewed for good general guidance about various information security issues, including strong authentication, device hardening, firewalls, discontinuing the use of Windows XP, and so forth.

See these previous posts:

Items on this web page are general in nature. They cannot—and should not—replace consultation with a competent legal professional. Nothing on this web page should be considered rendering legal advice.


© 2016

Electrical contractor grazed by treble-damages bul...
Proposed FAR rule about prohibiting whistleblowing...

Related Posts



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, 24 February 2020

Captcha Image