Program and Technology Protection

Abstract

The Department of Defense (DoD) must address cybersecurity and supply chain risks to DoD networks, weapons systems, and information stored and processed on both DoD and Defense Industrial Base (DIB) unclassified contractor information networks that support DoD programs. Increased reliance on the internet as a vehicle for sharing information, globalization of the supply chain, and advanced persistent threats (APTs) that can evade commercially available security tools and defeat generic security best practices, drives the need for diligent program protection planning and execution. Program Protection Planning includes protection of classified and unclassified controlled technical information, critical program information, critical components and critical mission functions, and integrates high level security policies and practical expertise to specific acquisition and S&T practices, systems engineering activities, and risk reduction activities. Through this initiative the Department is maturing system security engineering methodologies to protect controlled unclassified information, to include controlled technical information on contractor information networks; improve mitigation and management of supply chain risk management risks, improve integration of cybersecurity into the engineering processes, improve software assurance practices, mature processes to identify and protect Critical Program Information and improve program protection planning. Activities carried out, support implementation of DoD Instruction 5200.44 Trusted Systems and Networks with the use of proven mitigation techniques and tools, the ongoing refinement of risk management processes, and creation of needed technology; implementation of DoD Instruction 5200.39 Critical Program Information (CPI) Identification and Protection Within Research, Development, Test, and Evaluation (RDT&E) to identify and protect Critical Program Information; and implementation of DoD Instruction 8582.01 Security of Unclassified DoD Information on Non-DoD Information Systems for Safeguarding Controlled Unclassified Information on contractor owned networks.

Open PDF

Document Details

Document Type
Project
Publication Date
Oct 01, 2020
Source ID
158_0605797D8Z_6_0400_PB_2020

Tags

Fields of Study

  • Computer science
  • Engineering

Readers

  • Cybersecurity.
  • Defense Acquisition Program Management

Technology Areas

  • Cyber

Related Documents