More Cyber Rules for Contractors

The ever-evolving “Better Buying Power” guidance on how to improve defense acquisition will soon get new rules for contractors on protecting information, Pentagon acquisition, technology, and logistics chief Frank Kendall said March 12. Speaking at a Bloomberg defense symposium in Arlington, Va., Kendall said BBP 3.0 will get some new rules that are “not on the original list” about protecting information. “Cyber is pervasive, it affects every aspect of weapon systems,” Kendall said, and this creates a very broad “attack surface” for enemies. Non-secret information, such as “in supply chains and maintenance systems,” can still give cyber thieves plenty of insight as to how new weapons work. Non-secret but unsecure systems may provide backdoor avenues of cyber attack, Kendall said, so it will be essential that contractors tighten up. “We still have a long way to go” with regard to protecting defense-sensitive information in the private sector, he said. (See Better Buying from the March issue of Air Force Magazine.)