From: UPI

U.S. defense contractors are now required to incorporate established information  security standards on their unclassified networks.

Under an amendment to the U.S. Defense Federal Acquisition Supplement, they  are also required to report incidents of cyber-intrusions that result in the  loss of unclassified, controlled technical information from their networks.

“Defense contractors throughout the department’s supply chain have been  targeted by cyber-criminals attempting to steal unclassified technical data,”  said Frank Kendall, undersecretary of defense for acquisition, technology and  logistics.

“This (the new requirement) is an essential step to ensure that this valuable  information is protected,” he said. “We cannot continue to give our potential  adversaries the benefits in time and money they obtain by stealing this type of  information.

“This amendment will apply to all new contracts that will use or generate  technical information,” Kendall said.

The amendment was published on Monday.

The Department or Defense said protection of technical information is  critical to preserving the intellectual property and competitive capabilities of  U.S. industry, and that while the technical information on networks may be  unclassified it still contains data, designs and operational concepts concerning  defense system requirements.