DIBNet Portal Shutdown: New DoD Cyber Incident Reporting Requirements for Defense Contractors

Executive Brief

As of June 6, 2025, at 0900 EDT, the Department of Defense (DoD) has officially shut down what was known as the “DIBNet Portal,” marking a significant transition in how cyber incidents are reported across the Defense Industrial Base (DIB). This change is part of a broader modernization and cost-reduction initiative within the DoD, aimed at streamlining cybersecurity practices and aligning with evolving federal budget priorities.

If your organization is a DoD contractor, this change directly affects your compliance obligations under DFARS 252.204-7012. Here's what you need to know and how to stay compliant.

Why Is DIBNet Being Shut Down?

Since June 6, the original DIBNet portal URL (https://dibnet.dod.mil) now redirects to a new page hosted by the Defense Cyber Crime Center’s DCISE (Defense Collaborative Information Sharing Environment).

The decommissioning of the DIBNet portal appears to be part of a long-term modernization effort, but there has not been wide reporting on this update. This move can also be viewed as a step towards a more secure and streamlined reporting infrastructure for defense contractors.

New Reporting Process Explained

Below is a guide to the new incident reporting procedure that all DIB contractors must follow:

Where to Go Now

• The old DIBNet link now redirects here: Department of Defense Cyber Crime Center (DC3) > Missions > DIB Cybersecurity > DIB Cybersecurity DCISE
• From there, you'll find access to the new portal: https://icf.dcise.cert.org

How to Report an Incident Now

• Step one: You'll report the same details about the cyber incident as before; however, a DoD-Approved Medium Assurance Certificate is required to report a cyber incident.
  • If you do not have a DoD-Approved Medium Assurance Certificate and need to report a cyber incident, you will need to email dc3.dcise@us.af.mil
• Step two: The updated portal will generate an .xml file containing your report
• Step three: You must submit this .xml file via one of the following secure channels:
  • Encrypted Email
  • DoD Secure Access File Exchange
  • Send it to: dcise@us.af.mil

Post-Submission Process

Once your report is submitted:

• DC3 will confirm receipt
• You will receive:
  • An official incident number
  • An Incident Collection Form text version for your records

Need Support?

The DC3 remains the central operational focal point for handling unclassified cyber incident reports across the DIB. If you need help during this transition:

• Email: dcise@us.af.mil
• Phone: (410) 981-0104 or 1-877-838-2174
• Program Contact: DIBCSIA@mail.mil
  
  

Final Thoughts

At ISI, we understand that compliance transitions like this can be disruptive. However, these steps are aimed at strengthening the cybersecurity posture of the entire DIB. If you have questions or need help updating your internal procedures, our team is ready to assist.

For more cybersecurity updates and federal compliance insights, follow our ISI Insights blog or reach out to our DFARS/NIST 800-171 compliance experts.

Stay compliant, stay secure,
— The ISI Cybersecurity Team 

Internal Links

• https://isidefense.com/blog/cmmc-incident-response
• https://isidefense.com/blog/why-continuous-monitoring-is-crucial-for-cmmc
• https://isidefense.com/blog/cmmc-compliance-for-defense-contractors-a-practical-guide-to-getting-it-right
• https://isidefense.com/blog/what-is-dfars-a-deeper-look-at-dod-compliance