Cyber Resiliency & Cybersecurity Policy
Abstract
The Cyber Resiliency & Cybersecurity Policy program supports the efforts of OUSD A&S, focusing on the defense of the Department’s critical mission weapon systems and Defense Critical Infrastructure from cyber attack, protecting the Department’s sensitive unclassified information residing within the Defense Industrial Base (DIB) sector and supply chain, and capability portfolio management for Joint Cyber Capabilities used by the Cyber Mission Force. This program funds the following critical efforts: 1) Cybersecurity for Weapon Systems and Critical Infrastructure: Lead the Department’s Strategic Cybersecurity Program (SCP) to continue critical weapon systems and defense infrastructure cybersecurity assessments and mitigations and cyber harden priority DoD missions. OASD(A)/Cyber Warfare Directorate Cyber Resiliency efforts are aligned with the following initiatives: Assess: - Conduct mission based cyber risk assessments for priority Defense Missions in support of CCMDs. - Conduct Deep Cyber Resiliency Assessments (DCRA) in support of CCMDs and asset owners. - Conduct CCMD Mission Analytics in support of the Joint Staff and CCMDs. Inventory: - Develop, sustain, and employ the Cyber Risk Mitigation Tool (CRMT), an Enterprise-wide decision support tool for tracking and prioritizing cyber vulnerability assessments and mitigations. Prioritize: - Prioritize and advocate for Cyber Risk Mitigations based upon mission analysis conducted by program offices, the National Security Agency (NSA), Deep Cyber Resiliency Assessment teams, USCYBERCOM (USCC), and other cybersecurity professionals. 2) Weapon System Cyber Security - Cybersecurity Supply Chain Risk Management Pilots (C-SCRM) In collaboration with DoD CIO, partner with other DoD organizations and the DIB sector to demonstrate cost-effective and scalable cybersecurity services that augment and/or enhance existing commercial capabilities and services. Focus on identifying options and assessing the efficacy of cybersecurity services for small-to-medium sized DIB companies that are critical to the DoD supply chain but lack sufficient cybersecurity capabilities to protect CUI. 3) Capability Portfolio Management for Cyberspace Operations Conduct Capability Portfolio Management of the Joint Cyber Capabilities employed by Cyber Mission Force in collaboration with USCYBERCOM. Assess the capabilities of JWCA for supporting the conduct of offensive and defensive cyberspace operations.
Document Details
- Document Type
- R2 Budgetary Justification
- Publication Date
- Oct 01, 2025
- Source ID
- 0606771D8Z_6_0400_PB_2025
- Change Summary Explanation
- FY 2025 decrease to fund higher departmental priorities.
- Service Agency Name
- Office of the Secretary Of Defense
Entities
Organizations
- Office of the Secretary of Defense
Related Documents
- Child Project: Cyber Resiliency & Cybersecurity Policy
- Child Accomplishment: Cyber Resiliency & Cybersecurity Policy
- Child Project: Securing the Defense Industrial Base (DIB): Cybersecurity Maturity Model Certification (CMMC)
- Child Accomplishment: Securing the Defense Industrial Base (DIB): Cybersecurity Maturity Model Certification (CMMC)