By J. Nicholas Hoover
February 16, 2010
The Department of Defense has signaled its intention to develop new
policies requiring its vendors to meet increased standards for
cybersecurity for unclassified military information residing on or being
carried over private sector systems and networks.
In a memo issued in late January, Department of Defense chief
information officer Cheryl Roby laid out a number of leadership
responsibilities and strategic guidance on the development of stronger
"It is DoD policy to establish a comprehensive approach for protecting
unclassified DoD information transiting or residing on unclassified
[Defense industrial base] systems and networks and create a timely,
coordinated, and effective partnership with the [Defense industrial
base]," Roby wrote.
Hackers have increasingly been targeting and probing the Defense
industrial base, sometimes successfully. For example, last year, it was
revealed that hackers infiltrated the networks of government contractors
and stole sensitive specs on the Pentagon's F-35 Joint Strike Fighter
project. This poses a significant challenge, as a wide variety of
military information resides on external systems, and a wide variety of
defense IT work is outsourced.
Did a friend send you this? From now on, be the
first to find out! Subscribe to InfoSec News