Program Protection

Abstract

The Department of Defense (DoD) must address cybersecurity and supply chain risks to DoD networks, weapons systems, and information stored and processed on both DoD and Defense Industrial Base (DIB) unclassified networks that support DoD programs. Increased reliance on the internet as a vehicle for sharing information, globalization of the supply chain, and advanced persistent threats (APTs) that can evade commercially available security tools and defeat generic security best practices, drives the need for diligent program protection planning and execution. Program Protection Planning includes protection of critical program information, critical components and mission functions, and integrates high level security policies and practical expertise to specific acquisition practices, systems engineering activities, and risk reduction activities. Through this initiative the Department is maturing system security engineering methodologies to protect controlled unclassified information, to include controlled technical information on contractor networks; improve mitigation of supply chain risk management risks, improve integration of cybersecurity into the engineering processes, improve software assurance practices, mature processes to identify Critical Program Information and improve program protection planning. Activities carried out, support implementation of DoD Instruction 5200.44 Trusted Systems and Networks with the use of proven mitigation techniques and tools, the ongoing refinement of risk management processes, and creation of needed technology; implementation of DoD Instruction 5200.39 Critical Program Information (CPI) Identification and Protection Within Research, Development, Test, and Evaluation (RDT&E) to identify and protect Critical Program Information; and implementation of Safeguarding Controlled Unclassified Information on contractor owned networks.

Open PDF

Document Details

Document Type
Project
Publication Date
Oct 01, 2017
Source ID
P143_0605142D8Z_6_0400_PB_2017

Tags

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Defense Acquisition Program Management

Technology Areas

  • Cyber

Related Documents