The Navy has released its Cybersecurity Readiness Review, drafted at the Secretary’s request, in response to recent losses of classified and unclassified data. The Review calls attention to the contracting community’s key role in safeguarding critical government data – and the perceived shortcomings of the current acquisition system in achieving that end. Despite mandatory contract requirements such as DFARS 252.204-7012, the Review notes that the Defense Industrial Base (DIB) has experienced “a flood of breaches” and “continues to hemorrhage critical data.” In response, the Review recommends:
- Holding individuals personally accountable for achieving mandated standards.
- Ensuring the supply chain is “delivered uncompromised” for mission readiness.
- Creating cybersecurity “go/no-go” criteria for capabilities.
- Expanding information sharing with DIB partners to better identify risks and priorities.
- Working with industry trade groups to assist subcontractors in improving cyber defenses.
