For those involved in DoD Contracts: New Cyber-Security Rules

The DoD is imposing a strict deadline of December 31, 2017 for all defense contractors to become compliant with the often overlooked DFARS 252.204-7012 “Information Safeguarding and Cyber Incident Reporting” clause which is now part of every DoD contract and solicitation (other than purely COTS procurements).

The clause requires contractors to implement a very specific set of more than 110 security controls in order to remain eligible to bid on or perform work on DoD contracts that involve Covered Defense Information (CDI), a type of unclassified but sensitive information that is common in the  industry.  Prime contractors are responsible to ensure that all subs are compliant, or they must withhold the CDI from their subs, which could have significant impacts to the supply chain.

Read more here.

The Cyber Collaboration Center ( is sponsoring a series of free nationwide webinars to provide updates on DFARS 7012 compliance issues and resources for contractors who are faced with the challenge of becoming compliant before the end of the year.

The first webinar in the series is scheduled for Thursday, July 13 at 1400 PDT / 1700 EDT.  It will be delivered through live streaming and is expected to last 45 minutes, depending on the amount of Q&A. The free webinar series will provide updated information, highlights from  the Industry Day and other government-issued updates, and resources to help the contracting community understand how to interpret the regulations, identify their compliance gaps, and implement the prescribed security controls. For more information, check the event page on our website.