Hagel: New Protections
Needed for Unclassified Data
By Claudette Roulo, American
Forces Press Service.
Washington D.C. – Octobre 24, 2013 – (AFPS)
– Defense Secretary Chuck Hagel recently directed that DOD organizations take
additional steps to ensure unclassified controlled technical information is
protected from cyber intrusions.
“Stolen data provides potential adversaries extraordinary
insight into the United States’ defense and industrial capabilities and allows
them to save time and expense in developing similar capabilities,” Hagel said in
a memo dated Oct. 10.
“Protection of this data is a high priority for the
department and is critical to preserving the intellectual property and
competitive capabilities of our national industrial base and the technological
superiority of our fielded military systems,” he added.
As the world has become increasingly dependent on electronic
data, traditional physical security concepts are no longer valid, said Jennifer
Elzea, a Defense Department spokesperson.
“The opportunity to gain access to sensitive unclassified
information is simply too unconstrained, and we must rethink how we safeguard
our technical information,” she said.
Unclassified controlled technical data losses have become a
major problem for the nation and its industrial base, Elzea said. And the
problem is getting worse. Data and intellectual property concerning defense
systems requirements, concepts of operations, technologies, designs,
engineering, systems production and component manufacturing are all being
targeted, she said. While the information is unclassified, its loss still
represents a significant threat to national security.
“The department must be sure that unclassified controlled
technical information is protected from network intrusion and that any
consequences associated with loss of this information are assessed and minimized,”
To that end, the secretary directed that the offices of the
undersecretaries of defense for acquisition, technology and logistics, policy,
intelligence, and the DOD chief information officer work together to develop any
necessary changes to policy, guidance and rulemaking activities to improve the
protection of unclassified controlled technical information that resides on or
passes through defense contractor systems or networks.
DOD also has proposed an amendment to its acquisition and
contracting regulations, Elzea said. The amendment will add language to defense
contracts requiring contractors to incorporate established security standards on
their networks, and to report cyber-intrusions that result in the loss of
unclassified controlled technical information.
The change is part of the effort to balance the cost of
increased protection with the ability to conduct business operations at an
unclassified level, she noted. The department must be able to safely operate at
Other actions directed in the memo include the establishment
of a joint analysis cell to assess losses of technical information. The cell, to
be led by the undersecretary of defense for acquisition, technology and
logistics, will determine the consequences of those losses and develop necessary
In addition, Hagel directed the military departments to
identify critical acquisition and technology programs that require additional
protection. This process will include a review of the classification guidance
for those programs.
Finally, the DOD CIO, the National Security Agency and the
Defense Information Systems Agency will continue to identify the technical
standards needed to protect unclassified information in the Joint Information
“The Department of Defense is committed to protecting our
unclassified controlled technical information against the threat of cyber
intrusions that target the department and our industrial base,” the defense
“These actions will ensure that the department provides a
cohesive, comprehensive and cost-effective approach to protect priority
investments and future defense capabilities while maintaining efficient business
operations with our industrial partners,” he added.