Header graphic for print
Steptoe Cyberblog

Three Recent Cybersecurity and Information Systems Management Rules Impact Government Contractors

Posted in Cybersecurity and Cyberwar, Security Programs & Policies

In the last two months, the federal government has issued a number of cybersecurity-related regulations that are or will be directly or indirectly applicable to a wide range of federal contractors and subcontractors, and more rules are expected. The three recent rules discussed here on controlled unclassified information, defense industrial base cyber reporting, and network penetration protection and reporting present a complex and inter-related set of requirements and standards that federal contractors and companies in their supply chains should understand.