Many people are unaware that a significant number of U.S. companies are subject to regulations that share some similarities with the European General Data Protection Regulation (which has companies that handle European data scrambling to get into compliance).
Specifically, government contractors have obligations pursuant to Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7000 et. seq.
Entities subject to the provisions were given until Dec. 31, 2017, to comply with certain aspects as discussed below. If your organization is a contractor or subcontractor that handles “controlled unclassified information” (see here) you need to make sure your house is in order to comply.
Keep reading this article at: https://www.law360.com/articles/968247/dfars-cyber-compliance-deadline-is-approaching