DIBNet Portal Shutdown: New DoD Cyber Incident Reporting Requirements for Defense Contractors
Executive Brief
As of June 6, 2025, at 0900 EDT, the Department of Defense (DoD) has officially shut down what was known as the “DIBNet Portal,” marking a significant transition in how cyber incidents are reported across the Defense Industrial Base (DIB). This change is part of a broader modernization and cost-reduction initiative within the DoD, aimed at streamlining cybersecurity practices and aligning with evolving federal budget priorities.
If your organization is a DoD contractor, this change directly affects your compliance obligations under DFARS 252.204-7012. Here's what you need to know and how to stay compliant.
Why Is DIBNet Being Shut Down?
Since June 6, the original DIBNet portal URL (https://dibnet.dod.mil) now redirects to a new page hosted by the Defense Cyber Crime Center’s DCISE (Defense Collaborative Information Sharing Environment).
The decommissioning of the DIBNet portal appears to be part of a long-term modernization effort, but there has not been wide reporting on this update. This move can also be viewed as a step towards a more secure and streamlined reporting infrastructure for defense contractors.
New Reporting Process Explained
Below is a guide to the new incident reporting procedure that all DIB contractors must follow:
Where to Go Now
- The old DIBNet link now redirects here: Department of Defense Cyber Crime Center (DC3) > Missions > DIB Cybersecurity > DIB Cybersecurity DCISE
- From there, you'll find access to the new portal: https://icf.dcise.cert.org
How to Report an Incident Now
- Step one: You'll report the same details about the cyber incident as before; however, a DoD-Approved Medium Assurance Certificate is required to report a cyber incident.
- If you do not have a DoD-Approved Medium Assurance Certificate and need to report a cyber incident, you will need to email dc3.dcise@us.af.mil
- Step two: The updated portal will generate an .xml file containing your report
- Step three: You must submit this .xml file via one of the following secure channels:
- Encrypted Email
- DoD Secure Access File Exchange
- Send it to: dcise@us.af.mil
Post-Submission Process
Once your report is submitted:
- DC3 will confirm receipt
- You will receive:
- An official incident number
- An Incident Collection Form text version for your records
Need Support?
The DC3 remains the central operational focal point for handling unclassified cyber incident reports across the DIB. If you need help during this transition:
- Email: dcise@us.af.mil
- Phone: (410) 981-0104 or 1-877-838-2174
- Program Contact: DIBCSIA@mail.mil
Final Thoughts
At ISI, we understand that compliance transitions like this can be disruptive. However, these steps are aimed at strengthening the cybersecurity posture of the entire DIB. If you have questions or need help updating your internal procedures, our team is ready to assist.
For more cybersecurity updates and federal compliance insights, follow our ISI Insights blog or reach out to our DFARS/NIST 800-171 compliance experts.
Stay compliant, stay secure,
— The ISI Cybersecurity Team
Internal Links
- https://isidefense.com/blog/cmmc-incident-response
- https://isidefense.com/blog/why-continuous-monitoring-is-crucial-for-cmmc
- https://isidefense.com/blog/cmmc-compliance-for-defense-contractors-a-practical-guide-to-getting-it-right
- https://isidefense.com/blog/what-is-dfars-a-deeper-look-at-dod-compliance