The Pentagon has announced its plan to add product or service security as a criterion when evaluating offers made by prospective contractors, the Washington Post reported Monday.
Pentagon spokesperson Maj. Audricia Harris said in a statement that the Defense Department “is examining ways to designate security as a metric within the acquisition process” adding that “[the] department’s goal is to elevate security to be on par with cost, schedule and performance.”
The plan is based on one of the 15 courses of action proposed in “Deliver Uncompromised,” a report that the non-profit MITRE Corporation prepared to address security challenges at the supply chain and cyber levels.
These courses of action range from policies that the DoD could enact internally to legislation and various administrative actions.
The MITRE report called on the DoD pursue initiatives that would reward “the achievement, demonstration, and sustainment of cyber and supply chain security” and help contractors see risk mitigation not as an expense but as “as a profit center for the capture of new business.”