U.S. Army Chief Information Officer Leonel Garciga has issued interim cybersecurity guidance governing the operation and network connectivity of small unmanned aircraft systems, or sUAS, across the service.
The Potomac Officers Club’s 2026 Army Summit on June 18 will highlight how the Army’s transformation efforts are reshaping modernization and contracting priorities, providing industry leaders with insight into the service’s path toward its 2030 goals. Save your seat now!
Table of Contents
What Is the Purpose of the Cybersecurity Guidance?
According to the memo issued Feb. 5, the policy establishes interim requirements for operating small UAS, defined as Group 1 and Group 2 systems weighing 55 pounds or less. The guidance is intended to establish new protocols for rapid procurement and fielding of drones while protecting the Department of War Information Network, or DoWIN, from cybersecurity threats.
What Are the Key Cybersecurity Rules?
Under the guidance, O-6 level commanders authorized to procure, test or train with sUAS must follow Army cybersecurity requirements governing network connectivity. Small UAS may not connect to DoWIN without both an authorization to operate and authority to connect. Systems operating in closed-loop or standalone configurations that do not interface with Army networks are exempt from formal authorization, provided other requirements are met.
Platforms on the Defense Innovation Unit and Defense Contract Management Agency Blue UAS Select list receive type-based authorization but still require approval to connect, while all other systems must complete the assess-and-authorize process through the Enterprise Mission Assurance Support Service, or eMASS.
What Systems & Organizations Are Covered by the Guidance?
The Army CIO, acting on behalf of the secretary of the Army, is responsible for setting policy, allocating resources and providing oversight for the Army Cybersecurity Program in accordance with Army Regulation, or AR, 25-2, titled Information Management: Army Cybersecurity, including issuing policy memoranda as needed to clarify or expand existing guidance. The policy applies across all headquarters, Department of the Army elements, Army commands, Army service component commands, direct reporting units and reserve components, regardless of duty status, but excludes small UAS used for intelligence gathering.
Related Articles
Milan “Mitch” Nikolich and James Gosler, national security experts from the Johns Hopkins Applied Physics Laboratory, have joined the Department of War’s Science, Technology and Innovation Board, or STIB. APL said Thursday Nikolich will serve as the STIB’s inaugural chair and Gosler will sit on the board as a member. APL Director Dave Van Wie said Nikolich and Gosler’s expertise will support the new board’s mission to connect technical researchers and industry partners and help national leaders maintain U.S. leadership in critical technologies. What Is the DOW STIB? The STIB is a new advisory panel established by Emil Michael, under
The Cybersecurity and Infrastructure Security Agency has introduced a new directive requiring federal civilian executive branch, or FCEB, agencies to strengthen security controls for edge devices by removing unsupported hardware and software from federal networks. CISA’s new directive highlights the continued focus on strengthening cybersecurity across government networks. As agencies and industry stakeholders track evolving requirements and threat-driven priorities, the Potomac Officers Club’s 2026 Cyber Summit will bring together leaders from across the federal cyber community. Register now to save your seat at this May 21 event! CISA said Thursday the directive—Binding Operational Directive 26-02, Mitigating Risk From End-of-Support Edge
The Department of War has issued new guidance establishing procedures for identifying, assessing and mitigating threats posed by vendors supporting U.S. military operations. According to DOW, Under Secretary of War for Acquisition and Sustainment Michael Duffey, a 2026 Wash100 awardee, approved the guidance on vendor threat mitigation, or VTM, which took effect Monday. What Is the Purpose of the Vendor Threat Mitigation Guidance? The VTM guidance establishes standardized procedures across the department to vet commercial suppliers and manage risks linked to foreign adversaries, criminal networks and extremist organizations that may exploit vendor relationships with DOW. The guidance directs DOW officials