In the News: The DOD’s New Cybersecurity Compliance Requirements

Asylas
Aug 8, 2017

As cyber attacks continue to wage war on companies, we’ve seen an increase in cybersecurity regulations across businesses and industries, even at the federal level. The Department of Defense (DOD) recently announced new cybersecurity compliance requirements for its contracted workers, according to an article from Lexology.

The new regulation contains 110 security requirements divided into 14 categories, including access control, identification and authentication, risk assessment and more. Many businesses can look to the DOD’s new regulation as an example of what security requirements should be in place, especially when dealing with contract workers.

Key takeaways:

· Involve senior executives in cybersecurity — Company leaders must recognize their cyber risk and set a standard for compliance. For this to happen effectively, there must be buy-in from the executive team, a clear set of policies and procedures and a baseline assessment to determine which areas to improve.

· Vet your third-party vendors — Categorize company vendors by risk level and apply data restrictions based on the threat they pose to your company. This can be a laborious task but will pay significant dividends by giving you increased visibility into your true risk footprint. It may even save you from a breach down the line.

· Take a proactive approach — Choosing to neglect your company’s cybersecurity will almost certainly result in a breach. Like the DOD, implement preventative measures to protect sensitive data from falling into the wrong hands.

To learn more about the DOD’s new cybersecurity regulation, check out the article here.