Program and Technology Protection

Abstract

The Department of Defense (DoD) must address cybersecurity and supply chain risks to Department of Defense (DoD) networks, weapons systems, and information stored and processed on both DoD and Defense Industrial Base (DIB) unclassified contractor information networks that support DoD programs. Increased reliance on the internet as a vehicle for sharing information, globalization of the supply chain, and advanced persistent threats (APTs) that can evade commercially available security tools and defeat generic security best practices, drives the need for diligent program protection planning and execution. Activities carried out include supporting implementation of DoDI 5000.83, Technology and Program Protection to Maintain Technological Advantage. Program Protection Planning includes protection of classified and unclassified controlled technical information, critical program information, critical components and critical mission functions, and integrates high level security policies and practical expertise to specific acquisition and S&T practices, systems engineering activities, and risk reduction activities. Through this initiative the Department is maturing system security engineering methodologies to protect controlled unclassified information, to include controlled technical information on contractor information networks; improve mitigation and management of supply chain risk management risks, improve integration of cybersecurity into the engineering processes, improve software assurance practices, mature processes to identify and protect Critical Program Information, mature processes to integrate defense exportability features, and improve program protection planning. Activities carried out, support implementation of DoD Instruction 5200.44 Trusted Systems and Networks with the use of proven mitigation techniques and tools, the ongoing refinement of risk management processes, and creation of needed technology; implementation of DoD Instruction 5200.39 Critical Program Information (CPI) Identification and Protection Within Research, Development, Test, and Evaluation (RDT&E) to identify and protect Critical Program Information; and implementation of DoD Instruction 8582.01 Security of Unclassified DoD Information on Non-DoD Information Systems for Safeguarding Controlled Unclassified Information on contractor owned networks.

Open PDF

Document Details

Document Type
Project
Publication Date
Oct 01, 2022
Source ID
158_0605797D8Z_6_0400_PB_2022

Tags

Fields of Study

  • Computer science
  • Engineering

Readers

  • Cybersecurity.
  • Defense Technology Research and Development.
  • Military Science and Technology Research and Modernization.

Technology Areas

  • Cyber

Related Documents