Federal contractors trying to report a hack on their computer systems struggle with a maze of piecemeal regulations, contracting experts say. And clarifying that ambiguity could be a difficult long-term project because there is likely no one bill or executive action that would do the trick.
“The compliance issues are hard for government contractors because you don’t have one box, one checklist of things you can do for all of your contracts to make sure that you’re compliant,” said Elizabeth Ferrell, a partner at McKenna Long and Aldridge, at a Nov. 6 conference hosted by the Coalition for Government Procurement in Washington.
The revelation in August of a high-profile breach at U.S. Investigations Services and the Office of Personnel Management’s subsequent decision to terminate the firm’s background-check contracts drove home the vulnerability of federal contractors to cyberattacks and prompted some to reassess their security. OPM’s ditching of USIS also raised the question of whether government agencies will write higher data security standards into contracts.
Keep reading this article at: http://fcw.com/articles/2014/11/06/cyber-regs-contractors.aspx