On August 26, 2015, the Department of Defense (DoD) issued an interim rule that imposes expanded obligations on defense contractors and subcontractors with regard to the protection of “covered defense information” and the reporting of cyber incidents occurring on unclassified information systems that contain such information. Nearly three years in the making, this interim rule replaces the DoD’s prior Unclassified Controlled Technical Information (“UCTI”) Rule, imposing new baseline security standards and expanding the information that is subject to safeguarding and can trigger the reporting requirements. Additionally, the interim rule implements policies and procedures for safeguarding data and reporting cyber incidents when contracting for cloud computing services.
DOD Issues Interim Rule Addressing New Requirements for Cyber Incidents and Cloud Computing Services
Friday, August 28, 2015
Current Legal Analysis
More from Covington & Burling LLP
Upcoming Legal Education Events
May
22
2024
May
17
2024