Program and Technology Protection

Abstract

The Department of Defense (DoD) must address cybersecurity and supply chain risks to DoD networks, weapons systems, and information stored and processed on both the DoD and the Defense Industrial Base (DIB) unclassified contractor information networks that support DoD programs. Increased reliance on the internet as a vehicle for sharing information, globalization of the supply chain, and advanced persistent threats (APTs) that can evade commercially available security tools and defeat generic security best practices, drives the need for diligent program protection planning and execution. Activities carried out include supporting implementation of DoDI 5000.83, Technology and Program Protection to Maintain Technological Advantage. Program Protection Planning includes protection of classified and unclassified controlled technical information, critical program information, critical components and critical mission functions, and integrates high level security policies and practical expertise to specific acquisition and S&T practices, secure cyber resilient engineering activities, and risk reduction activities. Through this initiative the Department is maturing system security engineering methodologies to protect controlled unclassified information, to include controlled technical information on contractor information networks; improve mitigation and management of information communication technology supply chain risk management risks, improve integration of cybersecurity into the engineering processes through secure cyber resilient engineering methods, improve software assurance practices, mature processes to identify and protect Critical Program Information, mature processes to integrate defense exportability features, and improve program protection planning. Activities carried out, support implementation of DoD Instruction 5200.44 Trusted Systems and Networks with the use of proven mitigation techniques and tools, the ongoing refinement of risk management processes, and creation of needed technology; implementation of DoD Instruction 5200.39 Critical Program Information (CPI) Identification and Protection Within Research, Development, Test, and Evaluation (RDT&E) and DoD Directive 5200.47 Anti Tamper to identify and protect Critical Program Information; and implementation of DoD Instruction 8582.01 Security of Unclassified DoD Information on Non-DoD Information Systems for Safeguarding Controlled Unclassified Information on contractor owned networks.

Open PDF

Document Details

Document Type
Project
Publication Date
Oct 01, 2024
Source ID
158_0605797D8Z_6_0400_PB_2024

Tags

Fields of Study

  • Computer science
  • Engineering

Readers

  • Cybersecurity.
  • Defense Acquisition Program Management
  • Military Science and Technology Research and Modernization.

Technology Areas

  • Cyber

Related Documents