Hello, Guest!
  • Friday, April 26, 2024

Defense Contractors will be Held to Higher Cyber Standards


Defense contractors will soon be held to the same cybersecurity standards that the Defense Department has implemented  in recent years, according to a top IT official at the Pentagon.

“The cyberthreat is not going away; we have to defend our networks and systems, and you’re part of that defense,” acting DOD CIO John Zangardi said Friday. “DOD is facing the same threats that you are. And with these regulations, we are asking to implement some of the same defenses as we are implementing for the department’s networks.”

“Safeguarding Covered Defense Information and Cyber Incident Reporting,”a new DOD regulation, will go into effect for how contractors respond to and report cyber incidents., and defense contractors have until the end of calendar year 2017 to begin complying.

At an event for vendors that work with DOD, Zangardi said that the updated regulations will be “critical” for ensuring the safety of “information we put out there, that you receive or that you develop in support of DOD’s warfighting mission is protected.”

“We can’t expect anything less in this current environment,” he added. “This is the thing that gets us to where we want to be in terms of protecting our data.”

“Protecting this information saves warfighter lives,” he said.

Defense information is “unclassified controlled technical information or other information” as described in the National Archive and Records Administration’s Controlled Unclassified Information (CUI) Registry “that requires safeguarding or dissemination controls pursuant to and consistent with law, regulations, and Government wide policies,” according to a new acquisition regulation final rule passed in October 2016.

Contractors will be expected to at minimum comply with the National Institute of Standards and Technology’s Special Publication 800-171, “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations” for information held on their networks or systems, and follow cybersecurity guidance on multifactor authentication and cyber-incident response.

 

Video of the Day

Related Articles

Navy Awards 8 Companies Spots on $701M Ship Maintenance IDIQ Contract Awards

Navy Awards 8 Companies Spots on $701M Ship Maintenance IDIQ

Eight companies have won spots on a five-year, $701 million indefinite-delivery/indefinite-quantity contract from the U.S. Navy to repair, maintain and modernize non-nuclear surface ships homeported in Mayport, Florida. The contractors will conduct continuous maintenance emergent maintenance of the ship and provide short-term support to the Chief of Naval Operations, the Department of Defense said Wednesday.

Air Force Posts Solicitation for Potential $5.7B Combat Air Force Support Follow-On Contract News

Air Force Posts Solicitation for Potential $5.7B Combat Air Force Support Follow-On Contract

The U.S. Air Force has begun seeking proposals for a potential $5.7 billion follow-on multiple-award contract to provide combat air forces contracted air support services to help protect U.S. assets against advanced airborne threats. CAF CAS II seeks to procure non-personal services for realistic advanced adversary air threats and close air support threats to support

Northrop Lands $167M Navy Contract Modification for G/ATOR Radar Tech Contract Awards

Northrop Lands $167M Navy Contract Modification for G/ATOR Radar Tech

Northrop Grumman (NYSE: NOC) has secured a potential $167.1 million contract modification from the U.S. Navy to supply four lot 6 full-rate production Ground/Air Task Oriented Radar systems. Marine Corps Systems Command is the contracting activity and will obligate the full contract amount using the U.S. Air Force’s other procurement funds for fiscal year 2024,