32 CFR 236.3 - Policy.

Beta! The text on the eCFR tab represents the unofficial eCFR text at ecfr.gov.
§ 236.3 Policy.

It is DoD policy to:

(a) Establish a comprehensive approach to require safeguarding of covered defense information on covered contractor information systems and to require contractor cyber incident reporting.

(b) Increase Government stakeholder and DIB situational awareness of the extent and severity of cyber threats to DoD information by implementing a streamlined approval process that enables the contractor to elect, in conjunction with the cyber incident reporting and sharing, the extent to which DoD may share cyber threat information obtained from a contractor (or derived from information obtained from the company) under this part that is not information created by or for DoD with:

(1) DIB contractors participating in the DoD-DIB CS information sharing program to enhance their cybersecurity posture to better protect covered defense information on covered contractor information systems, or a contractor's ability to provide operationally critical support; and

(2) Other Government stakeholders for lawful Government activities, including cybersecurity for the protection of Government information or information systems, law enforcement and counterintelligence (LE/CI), and other lawful national security activities directed against the cyber threat (e.g., those attempting to infiltrate and compromise information on the contractor information systems).

(c) Modify eligibility criteria to permit greater participation in the voluntary DoD-DIB CS information sharing program.

This is a list of United States Code sections, Statutes at Large, Public Laws, and Presidential Documents, which provide rulemaking authority for this CFR Part.

This list is taken from the Parallel Table of Authorities and Rules provided by GPO [Government Printing Office].

It is not guaranteed to be accurate or up-to-date, though we do refresh the database weekly. More limitations on accuracy are described at the GPO site.

United States Code
U.S. Code: Title 10 - ARMED FORCES

Title 32 published on 2015-07-01

The following are ALL rules, proposed rules, and notices (chronologically) published in the Federal Register relating to 32 CFR Part 236 after this date.

  • 2015-10-02; vol. 80 # 191 - Friday, October 2, 2015
    1. 80 FR 59581 - Department of Defense (DoD)-Defense Industrial Base (DIB) Cybersecurity (CS) Activities
      GPO FDSys XML | Text
      DEPARTMENT OF DEFENSE, Office of the Secretary
      Interim final rule.
      Effective Date: This rule if effective October 2, 2015. Comments must be received by December 1, 2015.
      32 CFR Part 236