Cyber Resiliency & Cybersecurity Policy

Abstract

Cyber Resiliency & Cybersecurity Policy program supports the efforts of OUSD A&S, focusing on the defense of the Department’s critical mission weapon systems and Defense Critical Infrastructure from cyber attack, protecting the Department’s sensitive unclassified information residing within the Defense Industrial Base (DIB) sector and supply chain, and capability portfolio management for Joint Cyber Capabilities used by the Cyber Mission Force. This program funds the following critical efforts: 1) Cybersecurity for Weapon Systems and Critical Infrastructure: Lead the Department’s Strategic Cybersecurity Program (SCP) to continue critical weapon systems and defense infrastructure cybersecurity assessments and mitigations. CISO(A&S) Cyber Resiliency efforts are aligned with the following initiatives: Assess: - Conduct of mission focused cyber risk assessments for priority Defense Missions in support of CCMDs. - Conduct Deep Cyber Resiliency Assessments (DCRA) in support of CCMDs and asset owners. Inventory: - Develop, sustain, and employ Cyber Risk Mitigation Tool (CRMT), an Enterprise-wide decision support tool for tracking cyber vulnerability assessments and mitigations. Prioritize: - Prioritize Cyber Risk Mitigations based upon mission analysis conducted by Mission Focused Cyber Hardening Teams. 2) DIB Cybersecurity: Development, implementation and sustainment of the Cybersecurity Maturity Model Certification (CMMC) framework that incorporates NIST SP 800-171 standards and references into a unified standard that encompasses the progression of cybersecurity practices to secure Controlled Unclassified Information (CUI) within the Defense Industrial Base (DIB) sector. Conduct pathfinders to assess the feasibility and efficacy of employing emerging commercial services/tools/platforms that provide insights into cybersecurity threats and vulnerabilities that are relevant to the DIB sector and the DoD supply chain. Partner with the DIB sector to demonstrate cost-effective and scalable cybersecurity services that augment and/or enhance existing commercial capabilities and services. Focus on cybersecurity services for small-to-medium sized DIB companies that are critical to the DoD supply chain but lack sufficient cybersecurity capabilities to protect CUI. .

Open PDF

Document Details

Document Type
Project
Publication Date
Oct 01, 2023
Source ID
145_0606771D8Z_6_0400_PB_2023

Tags

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Defense Acquisition Program Management
  • Enterprise Information Systems Architecture and Joint Command Capability Interoperability Support.

Technology Areas

  • Cyber

Related Documents