In addition to the Rule 41 Amendments recently discussed by this blog, the DoD has clarified cybersecurity guidelines for government contractors. The rule requires “adequate security”, which is normally equated with the NIST standards, and also establishes a reporting requirement for any time a contractor’s networks are penetrated. A detailed analysis of the rule, including its implications for export control, can be found here. The full text of the regulation is below.
Leave a Reply