The Community Weighs In On Proposed DFARS Changes
DoD has proposed changes to the Defense Federal Acquisition Regulation Supplement (DFARS) tohelp enhance security of DoD information in use at contractor facilities. This report provides contexton those changes including insights from a recent survey of the federal IT community.
Respondents to a recent survey of members of the federal IT community provides useful context onthe proposed DFARS changes. It was interesting to note, however, that few believe the government isbest at protecting information.
In July, CTOvision.com created and distributed a survey on the new proposed Defense FederalAcquisition Regulation Supplement (DFARS) to safeguard unclassied Department of Defenseinformation on contractor networks. After receiving responses from government, industry, andacademia, we’ve summarized feelings and expectations towards the policy below. Of the respondents,73% said that they were familiar with DFARS, so we believe we hit a good community with oursurvey. Additionally, about a third of the respondents reported that they were security executives,and another third said they were practitioners. It is good having inputs from both those groupings. Aquarter of respondents were in government and three fourths came from industry and academia.
Summary of the proposed DFARS changes:
Draft changes to the Defense Federal Acquisition Regulation Supplement were proposed after therecent string of high prole cyber attacks on defense contractors. Information on Department of Defense networks is protected by DIACAP standards but as of now, protecting information on privatenetworks is left up to the company’s discretion. Yet since so much of the government’s informationstorage and R & D is performed by private corporations, DFARS has been put forward in an attempt to1