Skip to content

NDAA and Cybersecurity Redux — CORRECTION

Wednesday, December 19, 2012 at 12:25 PM

As Bobby has already noted the conference report on the NDAA was filed last night.  Some readers may recall that I was concerned about section 936 of the Senate version of the bill – a provision that requires Defense contractors to report cyber breaches without affording them liability protection and without allowing DoD to share the threat or vulnerability information with other parts of the Government.  As I said at the time, it was the worst of both worlds — mandatory reporting without information sharing.

Earlier today, I wrote that “it appears that Section 936 was removed from the bill in conference.”  Sadly, it wasn’t — it was just renumbered as new section 941, where it resides in all its glory, soon to become law.

Share on Facebook0Share on Google+1Email this to someoneTweet about this on Twitter6Print this pageShare on Reddit0

Filed under: Cybersecurity

Tags: ,