Friday, August 15, 2014

US defense contractors awaiting breach notification rules

US defense contractors still waiting for breach notification rules
The US Congress will require "cleared defense contractors" - i.e. those who have been granted clearance by the DoD to access, receive, or store classified information - to effect a rapid report in the wake of a successful breach, and to include in it a description of the technique or method used in the penetration, a sample of the malicious software used (if discovered), and a summary of information created for the Department in connection with any Department program that has been potentially compromised due to such penetration.

Defense contractors have become preferred targets for cyber spies who, it seems, find their networks easier to breach than those of government departments and agencies.

No comments:

Post a Comment