January 20, 2015

Legal Minute: Cybersecurity Reporting Requirements for Government Contractors

Government Contracts Partner Mary Beth Bosco explains the new cyber breach reporting requirements for defense contractors based on the recent passage of the National Defense Authorization Act for Fiscal Year 2015.

The NDAA created a new cyber breach reporting requirement affecting Department of Defense (DoD) contractors supporting transportation and logistics in connection with contingency operations, now known as "operationally critical contractors." An operationally critical contractor is defined as a "critical source of supply for airlift, sealift, intermodal transportation services, or logistical support that is essential to the mobilization, deployment, or sustainment of the Armed Forces in a contingency operation." This new class of contractors will therefore include companies, such as commercial airlines or rail or motor carriers, that transport DoD personnel, equipment or supplies, including fuel.

Ms. Bosco reviews this new criteria and offers guidance to help federal contractors comply with the new law.

Related Insights