The Defense Department wants to expand the coverage of its cybersecurity guidance to include industrial control systems devices, Federal News Radio reported Thursday.
Jason Miller writes the new regulations will cover systems that run water, air conditioning, heating, electrical, telecommunications and physical security facilities.
The article says DoD CIO Teri Takai could release new directives in October which seek to protect more devices that connect to the network.
Daryl Haegley, program manager for business enterprise integration in the defense deputy undersecretary office for installations and the environment, told a panel discussion the department intends to update the 8500 series guidance.
Haegley said the DoD also looks to align the Pentagon’s risk management framework with that of the civilian government.
Miller writes another update to the new regulations involves the reciprocity of certifications.
“We are getting great cooperation. Facility managers, engineers and the public work folks understand there are exploitation avenues that didn’t exist before, and we are seeing cooperation with the CIO and IT professionals to work out a strategy that will work for both entities,” said Haegley.
The DoD currently operates more than 2.5 million building control systems, Federal News Radio reports.