EY put out a piece in September 2021 entitled “Impact of cybersecurity executive order on US Government contractors”.  The piece states, among other things:

“The order focuses on information sharing requirements for DoD federal contractors or suppliers.  However, non-DoD contractors will likely benefit from evaluating whether these changes will raise expectations for sharing cyber incident information with federal agencies.  For example, businesses may benefit from tracking guidance and expectations regarding what information to share and when.  Forthcoming guidance may help inform organizations contracting with civilian agencies with respect to how to manage information sharing, which can often be time-consuming while resources are stretched during the response to a cyber incident.  Notably, while mentioning privacy considerations, the order clearly outlines expectations that increased sharing can occur while adhering to privacy laws, regulations and policies.”

Read the full piece here.