DOD Enhances Security Measures for Unclassified Controlled Technical Information

February 19, 2014

DOD Enhances Security Measures for Unclassified Controlled Technical Information

On November 18, 2013, the Department of Defense (DOD) issued a final Defense Federal Acquisition Regulation Supplement (DFARS) rule creating a new DFARS clause, DFARS 252.204-7012. This clause is mandatory for all DOD prime and subcontracts, and imposes heightened security safeguards and mandatory reporting requirements on DOD contractors handling unclassified controlled technical information. As defined in the clause, unclassified controlled technical information means “technical data or computer software with military or space application that is subject to controls on access, use, disclosure, or distribution, including engineering data and drawings, associated specifications, data sets, studies and analyses, computer software executable code, and source code.” Specifically, the clause dictates that contractors that have unclassified controlled technical information that is resident on or transiting through their unclassified information systems must comply with certain heightened safeguarding protections. Additionally, contractors must comply with certain cyber incident reporting and investigation requirements. The rule became effective November 18, 2013. (78 Fed. Reg. 69273, 11/18/2013.)






NCMA Resources | Advertise | Privacy Policy | Contact Us | Site Map | © 2012 National Contract Management Association