Program and Technology Protection

Abstract

The Department of Defense (DoD) must address cybersecurity and supply chain risks to DoD networks, weapons systems, and information stored and processed on both the DoD and the Defense Industrial Base (DIB) unclassified contractor information networks that support DoD programs. Advanced persistent threats (APTs) that can evade commercially available security tools and defeat generic security best practices, drives the need for diligent program protection planning and execution. This project supports implementation of DoDI 5000.83, Technology and Program Protection to Maintain Technological Advantage. Activities carried out for Program Protection Planning include protection of controlled technical information, critical program information, critical components and critical mission functions; and integration of system security policies and acquisition and S&T practices, secure cyber resilient engineering activities, and system security risk reduction activities. This initiative is maturing system security engineering methodologies to protect controlled unclassified information, to include controlled technical information on contractor information networks; improve software and hardware assurance mitigations and management of information communication technology (ICT) supply chain risk management risks, improve integration of cybersecurity into the engineering processes through secure cyber resilient engineering methods, improve software assurance and hardware assurance practices, mature processes to identify and protect Critical Program Information, mature processes to integrate defense exportability features to allow for expediated transfer of U.S. defense systems, and improve program protection planning. Activities carried out, support DoD Instruction 5200.44 Trusted Systems and Networks with the use of proven mitigation techniques and tools, the ongoing refinement of ICT risk management processes, and creation of needed technology; implementation of DoD Instruction 5200.39 Critical Program Information (CPI) Identification and Protection Within Research, Development, Test, and Evaluation (RDT&E) and DoD Directive 5200.47 Anti Tamper to identify and protect Critical Program Information; and implementation of DoD Instruction 8582.01 Security of Unclassified DoD Information on Non-DoD Information Systems for Safeguarding Controlled Unclassified Information on contractor owned networks.

Open PDF

Document Details

Document Type
Project
Publication Date
Oct 01, 2025
Source ID
158_0605797D8Z_6_0400_PB_2025

Tags

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Defense Acquisition Program Management
  • Military Science and Technology Research and Modernization.

Technology Areas

  • Cyber

Related Documents