According to The Hill, the Obama administration has issued new cybersecurity rules for government contractors handling sensitive information. The guidelines would require that such contractors “meet baseline security requirements and report digital intrusions to authorities.”
Additionally, the guidelines state that if a contractor is not meeting the minimum expectations then DHS would be allowed to deploy its own networking monitoring system on the contractors’ networks. According to the Office of Management and Budget, “the proposed guidance will strengthen government agencies’ clauses regarding the type of security controls that apply, notification requirements for when an incident occurs, and the requirements around assessments and monitoring of systems.” The Hill has the whole story.