DOD Plans Cybersecurity Audits for Contractors by 2020

The Pentagon is still a year-and-a-half away from measuring contractor cybersecurity as part of the acquisition process, but is moving forward with developing the metrics it will use and building relationships with third-party auditors who will do the work, Inside CyberSecurity reported.

“We have set out an objective of coming up with new cybersecurity standards this year,” Undersecretary of Defense for Acquisition and Sustainment Ellen Lord said Monday at an Atlantic Council event in Washington. “We’ll have metrics by which to measure them. We’ll have third parties that can actually audit against them, such as [International Organization for Standardization] standards we have for quality.”

The Pentagon is deriving the cybersecurity scoring standards from the NIST framework updated last year, Lord told reporters following the event.

She hopes to have the cybersecurity standards and metrics developed “in a couple months.”

The Pentagon plans to use cybersecurity experts from Johns Hopkins Applied Physics Laboratory to score contractors against the metrics, according to Lord.

Read more at Inside Cybersecurity

The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

Leave a Reply

Latest from Cybersecurity

Go to Top
Malcare WordPress Security