Military To Tighten Vendor Cybersecurity Policies

Military To Tighten Vendor Cybersecurity Policies
Military To Tighten Vendor Cybersecurity Policies 

By J. Nicholas Hoover
February 16, 2010

The Department of Defense has signaled its intention to develop new 
policies requiring its vendors to meet increased standards for 
cybersecurity for unclassified military information residing on or being 
carried over private sector systems and networks.

In a memo issued in late January, Department of Defense chief 
information officer Cheryl Roby laid out a number of leadership 
responsibilities and strategic guidance on the development of stronger 
cybersecurity plans.

"It is DoD policy to establish a comprehensive approach for protecting 
unclassified DoD information transiting or residing on unclassified 
[Defense industrial base] systems and networks and create a timely, 
coordinated, and effective partnership with the [Defense industrial 
base]," Roby wrote.

Hackers have increasingly been targeting and probing the Defense 
industrial base, sometimes successfully. For example, last year, it was 
revealed that hackers infiltrated the networks of government contractors 
and stole sensitive specs on the Pentagon's F-35 Joint Strike Fighter 
project. This poses a significant challenge, as a wide variety of 
military information resides on external systems, and a wide variety of 
defense IT work is outsourced.


Did a friend send you this? From now on, be the 
first to find out! Subscribe to InfoSec News 

Site design & layout copyright © 1986-2015 CodeGods