Maintenance window scheduled to begin at February 14th 2200 est. until 0400 est. February 15th


Forgot Password?

    Defense Visual Information Distribution Service Logo

    DoD Cybersecurity Incident Reporting

    Advanced Embed Example

    Add the following CSS to the header block of your HTML document.

    Then add the mark-up below to the body block of the same document.



    Video by Dave Pope 

    Air Force Research Laboratory


    My name is Kelly Kiernan and I'm here representing the Department of the Air Force Chief Information Security Officer and AFWERX.

    Today, we're going to talk about #2 in the Blue Cyber education series for small businesses. It's called DoD Cybersecurity Incident Reporting.

    DoD cyber incident reporting is grounded in the DFARs. You'll remember that DFARs contain requirements of the law and DoD wide policies. The DFARs which is driving DoD incident reporting is DFARs 252-204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting.

    A closer look at DFARs clause 252-204-7012 shows that there are three aspects to cyber incident reporting to consider. They are:
    cyber incident reporting
    submitting malicious software
    and facilitating assessment

    I'm often asked what to do if there's a potential breach.

    If there is a potential breach, don't panic. Cyber security occurs in a dynamic environment. Hackers are constantly coming up with new ways to attack information systems and the DoD is constantly responding to these threats. DoD does not penalize contractors who act in good faith.

    Do contact the DoD immediately--bad news does not get better with time. And do respond within 72 hours of the discovery of any incident.

    Be helpful and transparent. Contractors must cooperate to respond with the DOD to security incidents and should immediately preserve and protect evidence and capture as much information about the incident as possible.

    In a moment, I’m going to show you the DoD website where you can report cyber incidents and submit malicious software. There you will find many things to help you including a portal, helpdesk numbers, and email helpdesk.

    But, it won't tell you what to report.

    Here is what to report:
    report all cyber incidents that may result in a significant loss of data, system availability, or control of systems
    impact a large number of victims
    indicate unauthorized access to or malicious software present on critical information systems
    affect critical infrastructure or core government functions
    or impact national security, economic security, or public health and safety

    If you need to report a cyber incident, you'll go to There you will see by the screenshot that it's a very modern site for your cyber report. It contains phone numbers and emails to provide assistance. The contractor shall conduct a review for evidence of compromise and rapidly report cyber incidents to the DOD at

    With regard to malware, if discovered and isolated in connection with a reported cyber incident, the contractor or subcontractor shall submit the malicious software to the DoD cyber crime center. If the DoD elects to conduct a damage assessment, the contracting officer will be notified by the requiring activity to request media and damage assessment information from the contractor.

    You don't want the first time you visit to be for the reason to submit a cyber incident. There are also resources on that page. On the far-right hand column, you'll see links to the cyber threat roundup. The cyber threat roundup is a weekly collection of recently open sourced articles of interest for the defense industrial base and also I'll just mention that Blue Cyber number 12 is called “Cyber Threat Resources for Small Businesses.”

    Thank you for joining me today. My name is Kelly Kiernan and I'm here representing the Department of the Air Force Chief Information Security Officer. A reminder that this talk is not a substitute for reading the FAR and DFARs in your small business contract. You will find this presentation and many more on the Department of the Air Force CISO web page under Blue Cyber. Well, thank you for your time. So long.



    Date Taken: 03.03.2022
    Date Posted: 03.11.2022 15:34
    Category: Video Productions
    Video ID: 834423
    VIRIN: 220304-F-WY291-1191
    Filename: DOD_108855247
    Length: 00:04:30
    Location: OH, US

    Video Analytics

    Downloads: 7
    High-Res. Downloads: 7