Contractors not up to date on cybersecurity standards will only get a pass from the Defense Department for a little longer, leadership says.
DoD will begin auditing companies’ cybersecurity procedures that want to win contracts and it plans to start within the next 18 months, according to Ellen Lord, DoD undersecretary for acquisition and sustainment.
There will also be new cybersecurity standards for which companies will have to abide by if they want to work with the military.
“We have set out an objective of coming up with new cybersecurity standards this year,” Lord said at an Atlantic Council event on March 25 in Washington. “We’ll have metrics by which to measure them. We’ll have third parties that can actually audit against them such as International Organization for Standardization standards we have for quality. We need to them understand: How do we put cybersecurity into the new networks we are building? How do we make sure that there aren’t back doors there? How do we make sure that data at rest stays secure?”
The new cybersecurity standards will build off of the already existing National Institute of Standards and Technology Special Publication…
