|Posted by Abraham Xiong on October 26, 2014 at 5:25 PM|
Do You Need to Be Ready for Cyber Attacks as a Government Contractor?
You’ve heard it on the news….
Many of these major brands are obvious targets to cyber attackers. So, when a breach occurs the news goes national and we all hear about it.
What you may not have heard is this…
Recently, the Office of Personnel Management (OPM) terminated a contract with US Investigation Services (USIS), the major security clearance contractor that was targeted by cyber attackers. The computer network breach compromised the personal files of more than 25,000 government workers, which led to the eventual termination of the contract. USIS will lose over $2.5 billion for the Background Investigation Fieldwork contract and $288 million for the Background Investigation Support Services contract. This is a major blow to their business and USIS has furloughed over 1000 of its employees.
In light of this example, the answer to the question, “Can a cyber attack wreak havoc on your business?” is YES! You need to be ready for cyber attacks as a government contractor. What happened to USIS is a reality to all government contractors. Now, the government is giving you more of a reason to be prepared. New regulations have recently been passed and others are being considered which will directly affect you as a government contractor. The Pentagon and Homeland Security are leading the charge in enacting regulations that impacts contractors.
The rule states that within 72 hours of discovering any compromise of unclassified controlled technical information in a company system, your company must disclose which contracts are affected, the location of the leak and a description of the data compromised to the extent they are known at the time.
So, if you’re a federal contractor with contracts with the DOD or Homeland Security, you’ll be among the first of companies required to start meeting the new regulation. Other agencies and even potential government-wide policies will follow to require all contractors to be in compliance.
What does this mean to you as a business owner? Well, many things must be considered, but I’ll touch upon a few here. First and foremost you have to consider the cost of protecting your company’s data when you’re pricing out your projects in your proposals. You have to take into account what cyber security technologies are available and which ones will best meet your client’s need. You have to source out affordable and robust solutions to guard your data. You may have to hire new staff to meet these regulations.
At the end of all this, I believe that as a government contractor, by being the first to plan and implement a cyber security strategy, you will have a competitive edge over other companies. You’ll better safeguard your own interests in your measure to safeguard your client’s needs.