Cyber EO enters rulemaking phase with expected contractor requirements for incident reporting, supply chain security

Incident reporting requirements for federal contractors are expected in the coming weeks as the federal government wraps up work on several deliverables from President Biden’s 2021 cyber executive order.

The rulemakings are requirements from section two of the EO, “Removing Barriers to Sharing Threat Information.” One of the changes to the Federal Acquisition Regulation establishes requirements for contractors to report incidents to their respective agencies, while a second FAR rule would “standardize common cybersecurity contractual requirements across Federal agencies for...