The Defense Department must tighten measures to protect “ unclassified controlled technical information” from cyber thieves, Defense Secretary Chuck Hagel said in a recent memo.
The memo, dated Oct. 10 and released publicly Thursday, lays out tasks for the undersecretary of defense for acquisition, technology and logistics, the DoD chief information officer, the undersecretary of defense for policy and the undersecretary of defense for intelligence. They include:
■ Conducting an assessment of unclassified DoD-operated networks to determine their vulnerability to cyber attacks and creating a strategy to reduce those risks.
■ Creating a capability to assess the loss of technical information and the consequences of those losses.
■ Identifying critical acquisition and technology programs that require higher levels of protection and ensuring the military services are adequately protecting those systems, based on their classification levels.
The memo directs the DoD CIO, the National Security Agency and the Defense Information Systems Agency to identify standards for protecting unclassified data that align with the department’s Joint Information Environment.
“Stolen data provides potential adversaries extraordinary insight into the United States’ defense and industrial capabilities and allows them to save time and expense in developing similar capabilities,” Hagel said in the memo. “Protection of this data is a high priority for the department and is critical to preserving the intellectual property and competitive capabilities of our national industrial base and the technological superiority of our fielded military systems.”
DoD spokeswoman Jennifer Elzea said the Pentagon has proposed an amendment to its acquisition and contracting regulations that would require companies to follow established security standards on their networks and report cyber intrusions that result in the loss of unclassified data, the American Forces Press Service reported.