Look for the whole government to take a page from the Pentagon and require that firms notify their agency customers of hacks into company-owned systems within three days of detection, procurement attorneys and federal officials say.
Right now, vendors only have to report compromises of classified information and defense industry trade secrets. The trade secret rule is new and covers breaches of nonpublic military technological and scientific data, referred to as “unclassified controlled technical information.”
That new reporting requirement kicked in Nov. 18, 2013 and applies to all military contracts inked since.
Keep reading this article at: http://www.nextgov.com/cybersecurity/2014/09/contractors-expect-72-hour-rule-disclosing-corporate-hacks/95399/