Several industry organizations have derided additional burdens presented by proposed changes to the Federal Acquisition Regulation that would mandate cyber incident disclosures to the Cybersecurity and Infrastructure Security Agency within an eight-hour window, as well as require a software bill of materials, and complete IT systems and personnel access following an incident, according to The Register.
Article Link: Stronger cyber reporting rules for federal contractors criticized | SC Media