Cyberattacks continue to increase in frequency and sophistication. Motivated by crime, economic espionage, and/or national priorities, our cyber adversaries target anyone with sensitive information and intellectual property. Governments and their prime contractors and suppliers are not immune. The complex, sophisticated, and advanced threats that target these critical assets require a shared approach.
New legal, regulatory, and contractual requirements address the safeguarding of sensitive information on covered contractor information systems and the management of cybersecurity controls for its physical and logical access protection. Information system assets include software, hardware – endpoints. Mobile devices, & servers, and networks that store, process, generate, or transmit sensitive information.
Supply-chain cybersecurity requirements were designed to manage the risks related to the supply chain of system or service providers – including contracts for commercial items – who must safeguard sensitive information types including but not limited to unclassified federal contract information (FCI), covered defense information (CDI), controlled technical information (CTI), export control information, personally identifiable information (PII), proprietary information, and controlled unclassified information (CUI). At Parsons, we believe that security is a shared responsibility and we are partners with our suppliers in safeguarding all types of controlled and sensitive information.
Below are references to U.S. Government and Department of Defense regulations flowing down from contracts to our suppliers and industry resources on how to improve the security posture of your organization.