This is session 3 of 4 in the Fundamentals of Cybersecurity and Regulatory Updates Series.
Cara Wulf and Philip Lee identify how to ensure that good cybersecurity hygiene flows through a contractor’s supply chain. We will discuss the Defense Contract Management Agency’s (DCMA) mandate to examine contractor compliance with cybersecurity requirements as part of its Contractor Purchasing System Reviews (CPSR) and its implications for contractors in the near future. At the end of the session, they discuss the pair of Proposed Rules issued in October 2023 (addressing “Cyber Threat and Incident Reporting and Information Sharing” and “Standardizing Cybersecurity Requirements for Unclassified Federal Information Systems”), and explore the implications of those Proposed Rules for contractors.