32 CFR 236.7 - DIB participant eligibility requirements.

prev | next
§ 236.7 DIB participant eligibility requirements.
To be eligible to participate in this program, a DIB company must:
(a) Have or acquire DoD-approved medium assurance certificates to enable encrypted unclassified information sharing between the Government and DIB participants;
(b) Have an existing active Facility Security Clearance (FCL) granted under the National Industrial Security Program Operating Manual (NISPOM) (DoD 5220.22-M) with approved safeguarding for at least Secret information, and continue to qualify under the NISPOM for retention of its FCL and approved safeguarding ( http://www.dtic.mil/whs/directives/corres/pdf/522022m.pdf );
(c) Have or acquire a Communication Security (COMSEC) account in accordance with the NISPOM Chapter 9, Section 4 (DoD 5220.22-M), which provides procedures and requirements for COMSEC activities;
(d) Obtain access to DoD's secure voice and data transmission systems supporting the DIB CS/IA program,
(e) Own or operate covered DIB system(s), and
(f) Execute the standardized FA with the Government (available during the application process), which implements the requirements set forth in sections 236.4 through 236.6 of this part.
Beta! The text on the eCFR tab represents the unofficial eCFR text at ecfr.gov.
§ 236.7 DoD-DIB CS information sharing program requirements.

(a) To participate in the DoD-DIB CS information sharing program, a contractor must be a CDC and shall:

(1) Have an existing active FCL granted under the NISPOM (DoD 5220.22-M); and

(2) Execute the standardized FA with the Government (available during the application process), which implements the requirements set forth in §§ 236.5 through 236.7, and allows the CDC to select their level of participation in the voluntary DoD-DIB CS information sharing program.

(3) In order for participating CDCs to receive classified cyber threat information electronically, they must:

(i) Have or acquire a Communication Security (COMSEC) account in accordance with the NISPOM Chapter 9, Section 4 (DoD 5220.22-M), which provides procedures and requirements for COMSEC activities; and

(ii) Have or acquire approved safeguarding for at least Secret information, and continue to qualify under the NISPOM for retention of its FCL and approved safeguarding; and

(iii) Obtain access to DoD's secure voice and data transmission systems supporting the voluntary DoD-DIB CS information sharing program.

(b) [Reserved]

This is a list of United States Code sections, Statutes at Large, Public Laws, and Presidential Documents, which provide rulemaking authority for this CFR Part.

This list is taken from the Parallel Table of Authorities and Rules provided by GPO [Government Printing Office].

It is not guaranteed to be accurate or up-to-date, though we do refresh the database weekly. More limitations on accuracy are described at the GPO site.


United States Code
U.S. Code: Title 10 - ARMED FORCES
U.S. Code: Title 44 - PUBLIC PRINTING AND DOCUMENTS

Title 32 published on 2015-07-01

The following are ALL rules, proposed rules, and notices (chronologically) published in the Federal Register relating to 32 CFR Part 236 after this date.

  • 2015-10-02; vol. 80 # 191 - Friday, October 2, 2015
    1. 80 FR 59581 - Department of Defense (DoD)-Defense Industrial Base (DIB) Cybersecurity (CS) Activities
      GPO FDSys XML | Text
      DEPARTMENT OF DEFENSE, Office of the Secretary
      Interim final rule.
      Effective Date: This rule if effective October 2, 2015. Comments must be received by December 1, 2015.
      32 CFR Part 236