DoD Mandates More Cyber Shields for Contractors
Published Date: 9/10/2025
Notice
Summary
The Defense Department is updating rules for contractors to better protect their computer systems from cyber threats. If you work with the government on defense projects, you’ll need to follow new cybersecurity steps and share info to prove you’re keeping data safe. These changes kick in soon and aim to keep our secrets secure without costing extra money.
Analyzed Economic Effects
1 provisions identified: 1 benefits, 0 costs, 0 mixed.
New DoD Cybersecurity Steps for Contractors
If you work as a contractor on defense projects, the Defense Department requires new cybersecurity steps and that you share information to prove your computer systems are protected. The Department has submitted this information collection to the Office of Management and Budget under the Paperwork Reduction Act, and the summary says the changes will take effect soon and aim to keep secrets secure without costing extra money.
Your PRIA Score
Personalized for You
How does this regulation affect your finances?
Sign up for a PRIA Policy Scan to see your personalized alignment score for this federal register document and every other regulation we track. We analyze your financial profile against policy provisions to show you exactly what matters to your wallet.
Key Dates
Department and Agencies
Related Federal Register Documents
2026-05935 — Information Collection Requirement; Defense Federal Acquisition Regulation Supplement; Rights in Technical Data and Computer Software
The Department of Defense is renewing its paperwork rules about who owns technical data and software rights in defense contracts. This affects over 46,000 businesses that work with the DoD, requiring them to provide info about their software and data rights. Comments on these rules are open until April 27, 2026, and the paperwork takes about 1.6 hours per response.
2026-03870 — Information Collection Requirement; Defense Federal Acquisition Regulation Supplement; Performance-Based Payments-Representation (OMB Control Number 0750-0001)
The Department of Defense wants to keep collecting info from businesses about performance-based payments to make sure everything runs smoothly. This info collection, affecting about 438 companies, is up for a three-year extension with no big changes or extra costs. Comments on this plan are open until April 27, 2026, so now’s the time to speak up!
2025-17359 — Defense Federal Acquisition Regulation Supplement: Assessing Contractor Implementation of Cybersecurity Requirements (DFARS Case 2019-D041)
The Department of Defense is updating its rules to make sure contractors follow new cybersecurity standards called the Cybersecurity Maturity Model Certification (CMMC). This change affects companies working with the DoD and helps protect important defense information. Contractors should get ready to meet these new rules soon, which could impact how they do business and spend money on cybersecurity.
2026-00544 — Information Collection Requirements; Defense Federal Acquisition Regulation Supplement (DFARS); Cyber Incident Reporting and Cloud Computing
If you’re a business working with the Department of Defense, you need to report any cyber incidents and cloud computing issues quickly. This update reminds contractors about the rules and asks for public comments by January 14, 2026. Reporting helps keep defense info safe, and it usually takes less than half an hour per report.
2026-00589 — Information Collection Requirement; Defense Federal Acquisition Regulation Supplement; Rights in Technical Data and Computer Software
The Department of Defense wants to keep collecting info from businesses about rights to technical data and software for three more years. They’re asking for your thoughts by March 16, 2026, to make sure this process is useful and not too much work. If you work with DoD contracts involving tech data or software, this affects you and helps keep things clear and fair.
2025-24283 — Information Collection Requirement; Defense Federal Acquisition Regulation Supplement (DFARS); Quality Assurance
The Department of Defense is renewing its rules for collecting quality assurance info from businesses working on defense contracts. This affects over 60,000 companies who must keep detailed records and report safety issues quickly to help keep equipment safe. Comments on these rules are open until February 5, 2026, and the paperwork takes a lot of time—about 64 hours per response!
Previous / Next Documents
Previous: 2025-17317 — Request Notice: Use of Foreign-Built Small Passenger Vessel in United States Coastwise Trade, S/V OCEANA
MARAD is checking if a foreign-built small passenger boat, the S/V OCEANA, can be used for U.S. coastal trips carrying up to 12 passengers. They want to hear from folks who might be affected, like U.S. boat builders or businesses using American-made vessels. If approved, this could change who’s allowed to run these kinds of passenger trips along the coast, so keep an eye out and share your thoughts soon!
Next: 2025-17322 — Agency Forms Submitted for OMB Review, Request for Comments
The Railroad Retirement Board is asking for public feedback on a form they use to track employee representatives’ status and pay. This helps make sure the form is clear, useful, and not too much work to fill out. If you’re an employee rep or work with one, your input matters—and you’ve got 30 days to share your thoughts before any changes happen.
Take It Personal
Get Your Personalized Policy View
Start a Free Government Policy Watch to see how policy affects your household, then upgrade to PRIA Full Coverage for year-round monitoring.
Already have an account? Sign in