DoD official envisions faster ‘secure pipeline’ to help small business tech contractors protect information

    Published on:

    (DoD graphic by Breaking Defense, computer code image by Sabrina Gelbart via Pexels)

    Washington – Department of Defense Considering extending ‘Secure Pipeline’ to SMEs to help them It will also speed up software delivery while protecting the department’s uncontrolled information (CUI), according to officials at the Pentagon’s Chief Intelligence Office (CIO).

    “One of the challenges we find in dealing with smaller industries and others that have never worked in the defense sector is that the enemy attacks our weakest link. Our sensitive information could be at risk if we are not prepared for advanced persistent threat attacks of said at an Officers Club event.

    At that point, the Pentagon’s CIO is working with the Assistant Secretary of Defense and the Undersecretary of Defense for Acquisition and Retention to make “investments” to help small businesses. The Cybersecurity Maturity Model Certification (CMMC) 2.0 program aims to strengthen the cybersecurity of the defense industrial base by holding contractors accountable for following best practices for securing their networks.

    “We would love to see them expand beyond just protecting, but to provide a development pipeline that allows smaller companies to not only protect DoD CUI, but actually deliver it – software factory functionality. … not only to protect that software throughout the development cycle, but also to accelerate its potential delivery to DoD environments?” Bettmeier said.

    The last part is still only an idea at this point, but it seems the White House’s National Cyber ​​Strategy is “getting more share for industry and government because of the challenges we face.” In addition, the Department of Defense is already working to help companies protect their information. Even from a cyber defense point of view,” he said.

    “In my opinion, these are some of the avenues we are currently looking at in the idea stage and looking at whether we can put resources behind them,” he added.

    National Cyber ​​Strategy, liberated In March, it aimed to “redistribute” the responsibility of protecting cybersecurity to the “most capable and best-positioned actors” in the United States. According to this strategy, in the face of threats from state actors such as Russia and China, the “burden” of responsibility will be shifted to large corporations and governments.

    Meanwhile, the Pentagon last month presented Congress with its own long-awaited cyber strategy. In a March interview with Breaking Defense magazine, Pentagon Chief Operating Officer John Sherman said the strategy would be “directly aligned” with the National Cyber ​​Strategy.

    The strategy is classified, but a publicly available factsheet describes key measures such as maximizing “cyber capabilities in support of joint deterrence,” countering adversaries, and partnering with allies and partners to defend the cyber realm. theme is described.


    Leave a Reply

    Please enter your comment!
    Please enter your name here