As cyberattacks grow in frequency and damage, the Obama administration is pushing companies to move faster to address the fastest-growing threat in the 21st century.
"The administration is looking at all possible means to encourage the private sector to enhance its cybersecurity," said Ronald D. Lee, a Washington-based national security and government contracts attorney.
Even though new laws and regulations are in place, the hope is that private companies can help take the lead, as even President Barack Obama recently acknowledged that the government cannot address the threat alone.
New legislation—part of this year's National Defense Authorization Act signed by Obama in December—requires more defense contractors to quickly disclose when they are breached.
The new rules, which specifically impacts contractors who support transportation and logistics for the Defense Department, also require companies to give the government limited access to networks and equipment impacted by a breach.
For now, the new rules are limited to specific defense contractors, but it may not be long before the government implements more regulations on all federal contractors as it pushes for companies to adopt higher security standards, cybersecurity experts said.
"They are looking at all their different means and one of them is the government-procurement lever. And it's a very large one," said Lee.