https://www.cyberscoop.com/katie-arrington-pentagon-contracting/
By Sean Lyngaas
CYBERSCOOP
October 16, 2019
A politician-turned-defense official who is trying to shake up the
acquisition bureaucracy in the U.S. Department of Defense told contractors
they need to better prioritize security in order to do business with the
Pentagon, and stifle foreign theft of defense secrets.
“This is a change of culture,” Katie Arrington, chief information security
officer of the Pentagon’s acquisition policy office, said Wednesday. “It’s
going to take time, it’s going to be painful, and it’s going to cost
money.”
Arrington, who joined the Office of the Undersecretary of Defense for
Acquisition and Sustainment in January, is spearheading the development of
new cybersecurity standards for contractors. Last month, defense officials
unveiled a draft of the guidelines, known as the Cybersecurity Maturity
Model Certification.
The standards will require contractors of all sizes to have a baseline
level of cybersecurity practices in order to, for example, prevent
adversaries from exfiltrating their intellectual property. Companies
holding more sensitive defense data will need to demonstrate more advanced
security practices. An updated draft is coming next month, and defense
agencies’ requests for information will start using the standards next
year.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
