What, specifically, constitutes reporting to the federal government in terms of a “cyber incident”?
- Arlington Security Portal - Show on: Side Bar
Per the Department of Homeland Security (DHS), a cyber incident is an event that could jeopardize the confidentiality, integrity, or availability of digital information or information systems. Per the DFARS 7012, a “Cyber incident” means actions taken using computer networks that result in a compromise or an actual or potentially adverse effect on an information system and/or the information residing therein. Therefore, report all cyber incidents that may:
- Result in a significant loss of data, system availability, or control of systems.
- Impact a large number of victims.
- Indicate unauthorized access to, or malicious software present on, critical information technology systems.
- Affect critical infrastructure or core government functions; or
- Impact national security, economic security, or public health and safety.
Need a Documented Incident Response Plan? Talk to Arlington
DoD contractors - and other contractors providing services to federal agencies - need to have in place a well-documented incident response plan. With Arlington, we offer two (2) options. We can develop a customized incident response plan for your organization, or you can simply visit the Arlington Security Portal (ASP) and download our industry leading incident response plan template for DoD contractors, along with dozens of other high-quality NIST RMF policies, procedures, programs, plans – and other highly essential documents & templates.
