I wondered what ever happened to this. With the complexity involved in meeting these requirements, no wonder the proverbial can is being kicked down the road until late 2017. In the meantime contractors only have to report penetrations into their networks within 72 hours.
The Pentagon has delayed for almost two years a requirement that as many as 10,000 companies show that they have systems to protect sensitive but unclassified information from cyber-attacks before signing new defense contracts.
“We got feedback from industry that they did not think they could fully comply Day One” with the demand that contractors document a fully operating access-authentication system down to the subcontractor level, Claire Grady, director of defense procurement and acquisition policy, said in an interview. “We want people headed in the right direction,” but “we probably overestimated what the state of the industry was.”
Congress mandated new cybersecurity rules as part of the Pentagon’s budget authorization in 2013 after repeated warnings from officials about hacking threats and successful incursions at companies including Lockheed Martin Corp., the biggest U.S. defense contractor.
Today’s post pic is from Wikipedia.org. See ya!