Holomua Consulting Group, LLC
info@holomuaconsulting.com
(808) 369-1471
  • Home
  • About
  • Services
    • SBA 8(a) Program Services
    • DBE Program
  • News
  • Contact
    • Initial Consultations
  • Our Blog
  • Pilot Course
  • Student Portal

​The Small Business Blog

TIPS * UPDATES * INDUSTRY NEWS

GAO Report on Defense Cybersecurity:  Opportunities Exist for DOD To Share Cybersecurity Resources with Small Businesses

10/1/2015

0 Comments

 
Picture
On September 24, 2015, the Government Accountability Office (GAO) published a report titled:  "Defense Cybersecurity - Opportunities Exist for DOD to Share Cybersecurity Resources With Small Businesses" which addresses "the extent to which the DOD Office of Small Business Programs (OSBP) has integrated cybersecurity into its existing outreach and education efforts for defense small business."  GAO's review and subsequent Report were done as a result of a provision in the Joint Explanatory Statement accompanying the 2015 NDAA which required GAO to perform such an assessment. 
Background On The Issue

In November 2013, the DoD published a final rule amending the Defense Federal Acquisition Regulation Supplement (DFARS) to include a new clause, DFARS 252.204-7012 titled "Safeguarding Unclassified Controlled Technical Information."  This clause essentially requires DoD contractors and subcontractors to 
provide adequate security and protections to safeguard unclassified controlled technical information (UCTI) residing on or transiting through their unclassified information systems from unauthorized access and disclosure.  On August 26, 2015, the DoD issued an Interim Rule significantly expanding the scope of DFARS 252.204-7012 and others, with respect to the reporting of cyber incidents by DoD contractors and subcontractors.

In 2014, and official from the FBI testified that businesses are increasingly being targeted by foreign entities theft of trade secretes and other proprietary information.  In February 2015, the Director of National Intelligence reported that cyber threats to the U.S. are increasing in frequency, scale, sophistication and severity.  

The DoD has an Office of Small Business Programs (OSBP) that focuses specifically on small business contracting and subcontracting.  According to the GAO Report, in fiscal year 2014, DOD obligated approximately $55.5 Billion to small business prime contractors.  ​Therefore, small businesses are receiving a significant amount of federal contracts, many of which involve access to technical information used or provided to the government. It is also well known that small businesses generally have fewer resources compare to large businesses when it comes to cybersecurity and the ability to counter such cybersecurity threats.   

GAO Report 

The GAO Report noted: (1) the DoD's OSBP is not required to integrate cybersecurity into current or new outreach/education efforts; (2) the OSBP currently does not disseminate cybersecurity information/resources to small businesses in its outreach and education efforts; (3) OSBP officials acknowledged that while they are not required to educate small businesess on cybersecurity, they do feel that cybersecurity is an important and timely issue for small businesses and are therefore considering incorporating it into existing outreach efforts.

The GAO identified 15 existing cybersecurity outreach and education resources the OSBP could leverage for its small business contractors.  Examples include:

  • The DoD's Defense Security Service offers online cybersecurity training programs on various topics that are available to the public through its public website.
  • The SBA maintains a learning center that contains an online program that covers cybersecurity concepts for small businesses.
  • The Department of Homeland Security provides cyber awareness resources to the public.
  • The Federal Communications Commission hosts a planning tool on its website that is targeted to small businesses.

The GAO's ultimate recommendation was that the Secretary of Defense direct the Director of the DoD OSBP, as part of its existing outreach efforts, to identify and disseminate cybersecurity resources to defense small businesses.  The DoD issued a letter in response to the GAO's draft Report which provided their concurrence, acknowledged that the resources identified in the Report reflected a thorough assessment, and stated that "[f]uture outreach by the DoD OSBP will increase awareness of the cybersecurity education resources among the DoD Small Business workforce through training events, education programs and by issuing guidance to the Military Departments and Defense Agencies."

If you have questions about the GAO Report or whether you are in compliance with federal regulations regarding cybersecurity protections, please contact us at: (808) 369-9710 or info@holomuaconsulting.com. 
0 Comments



Leave a Reply.


    Enter your email address:

    Delivered by FeedBurner

    Archives

    May 2020
    April 2018
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    March 2017
    February 2017
    December 2016
    November 2016
    October 2016
    August 2016
    June 2016
    March 2016
    February 2016
    December 2015
    November 2015
    October 2015
    September 2015
    August 2015
    July 2015
    June 2015
    May 2015
    March 2015
    January 2015
    December 2014
    November 2014
    October 2014
    September 2014


    Categories

    All
    8(a) BD Program
    Affiliation
    Affirmative Action
    Business Development
    Compensation
    Conferences
    Contractor Compliance
    DBE
    DFARS
    Employment
    Events
    FAR
    Federal Contracting
    FLSA
    GAO Protest
    General Business Tips
    GovCon Tips
    Government Contractor Compliance
    HR Compliance
    HUBZone
    Joint Ventures
    Marketing
    Market Research
    Native Hawaiian Issues
    NHO
    OFCCP
    Ostensible Subcontractor Rule
    SBA OHA Decisions
    SBA Regulations
    SBIR
    SDVOSB
    Size Protests
    Small Biz Tools
    Small Business Compliance
    Small Business Programs
    Subcontracting
    WOSB

CONTACT US

  • (808) 369-1471
  • info@holomuaconsulting.com
  • P.O. Box 29735, Honolulu 96820

    Newsletter, alerts & updates, promotions

Subscribe
Back to top
  • Home
  • About
  • Services
    • SBA 8(a) Program Services
    • DBE Program
  • News
  • Contact
    • Initial Consultations
  • Our Blog
  • Pilot Course
  • Student Portal
Picture
Picture
Picture
Picture
© 2014 Holomua Consulting Group, LLC.  All Rights Reserved.