The Defense Department has introduced a new measure that seeks to guide military contractors on when and how to reportÂ incidents of data breaches and other network attacks to the agency, Nextgov reported Wednesday.
DoDâs decision to release the Network Penetration Reporting and Contracting for Cloud ServicesÂ regulations is in response to a series of cyber attacks against defense contractors,Â Aliya Sternstein writes.
The interim rule also details procedures whenÂ contractors purchaseÂ cloud services.
DoDÂ will implement the policy prior to a public comment period, Defense Acquisition Regulations System EditorÂ Jennifer Hawes said in the guidance.
Under the new rule, contractors and subcontractors are required to report within three days incidents of cyber attacks that involve confidential scientific and technical military information and export-controlled data to DoD via the Defense Industrial BaseÂ Cyber Security/InformationÂ Assurance online portal, according to the report.