Ellen Lord Says Defense Will Issue New Cybersecurity Standards for Contractors

Ellen Lord, the undersecretary for acquisition and logistics at the Pentagon and a 2019 Wash100 winner, said officials plan to issue new cyber security standards for the industry to follow when competing for defense contracts, Fifth Domain reported Tuesday. The Department of Defense is working with the National Institute of Standards and Technology to create metrics on minimum cyber security practices.

“We are deriving cyber security standards form the NIST standards,” Lord said. “We will have metrics associated with those. We’ll stand up third-party auditors.”

She said the government intends to start using the new standards within the next 18 months to improve how it selects contractors. The effort will also involve Johns Hopkins University Applied Physics Laboratory in the future. Acting Defense Secretary Patrick Shanahan said in late 2018 that cyber security would become a key measurement to guide how the Defense Department evaluates companies.

However, small businesses have raised concerns with the proposed standards at the Pentagon. John Luddy, vice president for national security at the Aerospace Industries Association, told lawmakers that small and medium-sized vendors would face challenges in creating “self-sustaining cyber security programs” and in meeting the requirements of a one-size-fits-all checklist.

You may also be interested in...

Nickolas Guertin

Carnegie Mellon’s Nickolas Guertin in Line to Become Next Defense OT&E Director

Nickolas Guertin, a senior software systems engineer at Carnegie Mellon University, has been nominated by President Biden to become the Department of Defense's (DoD) director of operational test and evaluation (DOT&E). The Reading, Connecticut native was a former U.S. Navy serviceman with experience in ship construction and maintenance, systems engineering, weapons testing and development, and submarine operations, the White House said Thursday.