In a recent address at the Air Force Association’s Air, Space & Cyber Conference, Deputy Secretary of Defense Patrick Shanahan emphasized that cybersecurity will become a “critical measurement” for making contract awards as well as a significant consideration in holding a government contractor accountable for its performance.
Shanahan noted that while DoD acquisitions currently focus on three critical measurements—quality, cost and schedule—cybersecurity is “probably going to be what we call the . . . fourth critical measurement.” The DoD is “going to work with [its] industrial partners to help them be as accountable for security as they are for quality.”
Shanahan also noted that adequate cybersecurity protection is part of the standard baseline of government contracting security—it is not an optional feature. He commented, “And it shouldn’t be that being secure comes with a big bill. It’s just like we wouldn’t pay extra for quality.” Consequently, government contractors should recognize that the government “shouldn’t pay extra for security,” he added. Rather, “security is the standard. It’s the expectation. It’s not something that’s above and beyond what we’ve done before.”
Keep reading this article at: http://www.mondaq.com/article.asp?articleid=742094
See GTPAC’s video, template and other resources designed to help contractors comply with the DoD/NIST cybersecurity rules at: http://gtpac.org/cybersecurity-training-video/