A Medium Assurance Certificate is required to report a Cyber Incident, applying to the DIB CS Program is not a prerequisite to report.
DFARS 252.204-7012 Safeguarding Covered Defense Information and Cyber Incident Reporting
DFARS 252.239-7010 Cloud Computing Services
FAR 52.204-23 Prohibition on Contracting for Hardware, Software, and Services Developed or Provided by Kaspersky Lab and Other Covered Entities
FAR 52.204-25 Prohibition on Contracting for Certain Telecommunications and Video Surveillance Services or Equipment
Contact DoD Cyber Crime Center (DC3) DC3.DCISE@us.af.mil Hotline: (410) 981-0104 Toll Free: (877) 838-2174
The DIB CS Program is a voluntary public-private cybersecurity partnership in which DoD and participants share cyber threat information, mitigation and remediation strategies, and more.
The Cyber Threat Roundup is a weekly collection of recent open-source articles of interest for the Defense Industrial Base. For the latest edition of the Cyber Threat Roundup, please click here.
For more information about other products, please apply to the DIB CS Program.
A DoD-approved Medium Assurance Certificate is required to access DIBNet services. To obtain a DoD-approved Medium Assurance Certificate, please click here.
DoD contractors shall report as much of the following information as can be obtained to DoD within 1 business day of identifying or being notified by a subcontractor that a covered article was provided to the Government during contract performance.
See FAR 52.204-23 Prohibition on Contracting for Hardware, Software, and Services Developed or Provided by Kaspersky Lab and Other Covered Entities for more information.
See FAR 52.204-25 Prohibition on Contracting for Certain Telecommunications and Video Surveillance Services or Equipment for more information.
DoD contractors shall report as much of the following information as can be obtained to DoD within 72 hours of discovery of any cyber incident.
See DFARS 252.204-7012 Safeguarding Covered Defense Information and Cyber Incident Reporting for more information.
See DFARS 252.239-7010 Cloud Computing Services for more information.
DIB participants are encouraged to report information to promote sharing of cyber threat indicators that they believe are valuable in alerting the Government and others, as appropriate in order to better counter threat actor activity. Cyber incidents that are not compromises of covered defense information or do not adversely affect the contractor’s ability to perform operationally critical support may be of interest to the DIB and DoD for situational awareness purposes.
DoD established the Defense Industrial Base (DIB) Cybersecurity (CS) Program to enhance and supplement DIB participants' capabilities to safeguard DoD information that resides on or transits DIB unclassified networks or information systems. This public-private cybersecurity partnership is designed to improve DIB network defenses, reduce damage to critical programs, and increase DoD and DIB cyber situational awareness. Under the DIB CS Program, DoD and DIB participants share unclassified and classified cyber threat information.
See 32 Code of Federal Regulations (CFR) Part 236, DoD's DIB Cybersecurity Activities for more information.
Learn more about DoD's DIB Cybersecurity efforts here.
The Manufacturing Overlay was created to help secure information systems supporting manufacturing processes, and was developed through a partnership with cybersecurity experts from the Defense Industrial Base (DIB) Cybersecurity (CS) Program and USG. The Manufacturing Overlay is intended to complement (and further refine) existing security control baselines; further tailoring of controls may be required for systems with additional security or operational considerations.
The DIB Guide to Implementing the Cybersecurity Framework supports DoD’s critical infrastructure responsibilities for the DIB. This Guide was developed working with our private sector partners to implement the Framework, while also incorporating the security requirements of NIST SP 800-171.
The DoD-Defense Industrial Base Collaborative Information Sharing Environment (DCISE), through the DoD Defense Cyber Crime Center (DC3), serves as the operational focal point for the DIB Cybersecurity Program under 32 Code of Federal Regulations, Part 236. DCISE fosters a cyber threat information sharing partnership with DIB participants by performing cyber analysis, offering mitigation and remediation strategies, providing best practices, and conducting analyst-to-analyst exchanges with DIB participants. Learn more about DCISE and DC3 capabilities here: