Department of Defense Issues New Cyber Incident Reporting and Cloud Computing Requirements for Contractors

| April 26, 2016

article image
U.S. Department of Defense (“DoD”) published an interim rule entitled Defense Federal Acquisition Regulation Supplement: Network Penetration Reporting and Contracting for Cloud Services (DFARS Case 2013–D018) (the “Interim Rule”), that streamlines the obligations for contractors to report network penetrations and establishes DoD requirements for contracting with cloud computing service providers. The Interim Rule amends the information security contracting framework set forth in the Defense Federal Acquisition Regulation Supplement (“DFARS”) to implement section 941 of the National Defense Authorization Act (“NDAA”) for Fiscal Year (“FY”) 2013 and section 1632 of the NDAA for FY 2015, both of which impose cyber incident reporting obligations on contractors.The Interim Rule requires DoD contractors and subcontractors to report cyber incidents that result in a compromise or have an actual or potentially adverse effect on a covered contractor information system or the covered defense information residing therein. Covered defense information includes controlled technical information, export controlled information, critical information and other information requiring protection by law, regulation or government-wide policy. Pursuant to the Interim Rule, contractors and subcontractors will be contractually obligated to report such cyber incidents to the DoD within 72 hours of discovery.

Spotlight

Genatec

Genatec is a well-established, successful Canadian IT (Information Technology) consulting and business solutions company, fuelled by a team of highly skilled professionals who are trained to be “at your service” and thinking proactively about your future, from the minute you hire us and throughout your ongoing success.

OTHER ARTICLES

Google Cloud launches from Google I/O 2021

Article | May 25, 2021

And that’s a wrap for Google I/O 2021! Its virtual nature this year surely didn’t stop its viral nature, as we saw over 215,000 registrants, over 235 sessions, 186,565 badges earned, and dozens of workshops and AMAs. Viewers from around the world once again tuned in to learn about the latest launches from Google, including Android, WearOS, Flutter, and TensorFlow. Developers came to sharpen their skills by learning the newest tools, APIs, and improved experiences to help them build. Google Cloud has become a big part of the excitement as it unveiled a number of major launches around AI, Google Workspace, and sustainability, including a new unified AI platform, rich collaborative experiences, and breakthroughs in carbon-aware computing. If you couldn’t make it and want a quick list of the best cloud sessions, check out my cloud developer’s guide to I/O. To get to the heart of Google Cloud I/O announcements, read on.

Read More

How cloud companies are reacting to Covid-19 and services offered: AWS, Alibaba, and more

Article | March 24, 2020

As the Covid-19 pandemic continues, with citizens across many countries urged to work from home where possible, it has posed a unique challenge for both frontend applications and the backend technologies underpinning them.A lot of attention has, understandably, focused on the former. Zoom, which appears to be the videoconferencing tool du jour for many businesses, has held up well thus far, although at the time of print (March 23) some downtime issues in the UK have been detected. Similarly, outside of work, Netflix is lowering its video quality to keep up with demand. Yet underneath it all, cloud infrastructure providers are aiming to keep their systems online throughout the pandemic.Whether it is cloud software or infrastructure, many of the world’s leading companies are making their tools available for certain users primarily healthcare organisations or researchers working on Covid-19.

Read More

4 Ways Businesses Can Protect Their Cloud Servers

Article | February 26, 2020

More businesses than ever are using cloud services to store data and run their essential business applications.If your business is using Google Drive, Dropbox, or other cloud platforms like HubSpot, then you may assume that all of your data is secure.However, as secure as cloud-based platforms should be, they are also where all of your sensitive data is being stored. While in house data environments will never be as secure as cloud storage, there are still vulnerabilities.From user lapses to data transference, there are key areas where you should be prioritizing improvements to boost the security inherent in the cloud.Here are the four best ways that you can protect your cloud servers and the data that you store within them.

Read More

What Is the Right Level of Cloud to Handle Data Sharing Needs

Article | February 11, 2020

Moving email and collaboration tools to the cloud was relatively simple for federal agencies, compared to the next project: moving data.As more agencies look to share data and collaborate more closely, solving the challenges of how to store data in a way that makes it accessible and usable to multiple agencies are becoming more urgent.In many cases, it’s not the technology that’s the difficult piece, it’s bringing the organization together on a different architecture. Cloud is not new at this point,” said Beth Halloran, deputy CIO at the General Services Administration, at Cloudera’s recent Data Cloud Summit.You can’t just say, ‘It’s going to save us money by going into the cloud,” she continued. “You have to understand what level of cloud is going to save you money, and infrastructure and services is not it. It’s part of an ecosystem, and you’re going to have to look at the totality of doing it.

Read More

Spotlight

Genatec

Genatec is a well-established, successful Canadian IT (Information Technology) consulting and business solutions company, fuelled by a team of highly skilled professionals who are trained to be “at your service” and thinking proactively about your future, from the minute you hire us and throughout your ongoing success.

Events