DHS eyes plan to use self-assessments to evaluate contractor cybersecurity




Federal Drive with Tom Temin show

Summary: The Department of Homeland Security is preparing a rule to ensure contractors are meeting cybersecurity requirements, with DHS touting a process for evaluating its vendor base through self-assessments rather than relying on a third-party certification program like the Pentagon. DHS has spent the past year conducting multiple “pathfinders” to test out a method for ensuring companies are meeting cyber hygiene clauses in their contracts. DHS issued a self-assessment questionnaire to a subset of its contractors last fall. The questionnaire was geared at measuring whether the companies were complying with a 2015 Homeland Security Acquisition Regulation for safeguarding sensitive information. Ken Bible, DHS’ chief information security officer, says the work has convinced DHS it can use the approach more broadly.