Microsoft Teams: A Necessity for Effective Remote Workforces
Your Information Is Safe With Us. Tier One Technology Partners will never sell, rent, share or distribute your personal details with anyone. In addition, we will never spam you.
Department of Defense contractors are subject to stringent security requirements in order to remain in compliance with regulatory guidelines. One of those compliance obligations focuses on notifying the DoD of cybersecurity incidents.
Contractors must meet guidelines spelled out in the Defense Acquisition Federal Regulation Supplement (DFARS), which requires contractors to adhere to cybersecurity requirements spelled out by the National Institute of Standards and Technology, specifically standard NIST SP 800-171.
The guidelines state that contractors need to provide adequate security across 14 categories of defense information stored in or sent by a contractor’s information management systems. If a cyber incident occurs, the contractor must alert the DoD about the company’s response and allow access to the affected media if necessary.
How Do The Regulations Define Cybersecurity Incidents?
The DFARS documentation defines a cyber incident as “actions taken through the use of computer networks that result in a compromise or an actual or potentially adverse effect on an information system and/or the information residing therein.” The guidelines also address other aspects of a breach, including compromises (the disclosure of information to an unauthorized individual or violation of a system’s security policy) and counterfeit electronic parts.
A cyber incident may include a physical intrusion, such as when an unauthorized person gains direct access to facilities, documents or computers, including break-ins or thefts of equipment. Network and system breaches are usually remote online attacks by individuals or nation-states and can take the form of economic espionage, ransomware attacks or the introduction of malicious software
When and How Do You Report Cyber Incidents?
DoD contractors and subcontractors are required to use system monitoring tools implemented and managed by your own IT department or a managed IT services provider. When those tools detect a compromise or an attempted compromise of your information systems, the DFARS reporting requirement is triggered.
What Information Is Required When Reporting a Cyber Incident?
Once it has been determined that a cyber incident has occurred, contractors are required to submit within 72 hours:
The cyber incident report is an extensive document, requiring 20 items of information, including:
For contractors that are providing cloud services, there are 16 items required in the report, including:
How Are Cyber Incidents Detected?
The best way to ensure that you’re compliant is to have strong layers of security that cover your networks, systems, endpoints and users. Those protections need to meet the standards required by the federal compliance mandates and provide for the rapid detection and reporting of incidents.
Tier One Technology Partners offers extensive compliance assessments and solutions designed to keep your company in good standing with federal agencies. To learn more about why federal contractors turn to Tier One Technology Partners for compliance adherence, contact us for a free, no-obligation initial consultation today.
Ready to speak with a member of our IT support and managed IT services team? Use the form to the right to book an initial consultation with your next Baltimore IT company.