14 DAY TRIAL // On Friday, October 1, the US Department of Defense announced via the Federal Register that all large military contractors will have to notify the Pentagon of any cyber-attack they detect.
The move comes to help US intelligence in getting a quicker view of incoming cyber-attacks, and to be able to mitigate attacks in real-time, or to isolate contaminated third-party contractors.
As the official announcement reads, third-party contractors will have to report any "cyber incidents that result in an actual or potentially adverse effect on a covered contractor information system or covered defense information residing therein."
The DoD is extremely focused on getting information about incidents that threaten specific types of programs and information, like operational and technical information.
By making it a mandatory operation, the DoD is trying to criminalize any intent of hiding such intrusions from Pentagon officials.
Additionally, while reporting on past cyber-incidents does nothing to protect data security, the Pentagon is also building a database of sensitive, technical, or military information that might have reached the black market or the intelligence offices of other states.
Recent hacks and data breaches had an effect on US security policies
In recent months, and especially after the OPM (Office of Personnel Management) hack, the US government has had to pull various intelligence agents from foreign countries, fearing their identity has been breached.
By centralizing any data breaches and cyber-attacks on its third-party controlled military IT infrastructure, the DoD is trying to identify threats to its agents and military personnel before their lives are put in any kind of serious and life-threatening danger.
Outside of this last security policy update, the White House additionally released a guideline on how any government contractor should handle sensitive data back in August.
This guideline also contained recommendations on how government contractors should report cyber-intrusions to law enforcement and government officials.