DoD considers adding new cybersecurity measurements for industry
Stan Soloway, president and CEO of Celero Strategies, discusses the Department of Defense possibly judging industry members on cybersecurity practices before they are awarded contracts, and how a “harmonization” across the department could help.
According to Deputy Secretary of Defense Patrick Shanahan, cybersecurity could become a key consideration in awarding future Pentagon contracts, but what form would that take? Stan Soloway, president and CEO of Celero Strategies, says that there are several questions that need to be answered before we see cyber as a major criterion in Department of Defense awards.
“We have been dealing with this as compliance and best practices and security protocol question, and now we’re shifting into acquisition,” Soloway said. “I don’t think anyone disagrees with the notion that a government vendor needs to have good cyber practices and be able to protect the information that they have in their control. We are talking here about vendors who are not hired to protect the networks themselves. The real question is what does this actually mean?”
Soloway told Government Matters that some parts of the Pentagon are prioritizing cyber in contracts, even before it’s established as an acquisition “pillar.”
“The Assistant Secretary of the Navy Jim ‘Hondo’ Guertz, put out a memo a few weeks ago saying that henceforth, cyber will be a source selection factor. It’s not quite clear what that means or how many contracts that covers. But it kind of just appeared,” said Soloway. “What you really need is a harmonization across the department.”