EXCLUSIVE: A 2017 DOD STIG Analysis

Connect--But, be very careful

So, your contractor says they are “experts” in cybersecurity…are you sure?


THE REAL PROBLEM: Program Managers, Contract Officer Representatives, etc., are not holding contracted system, hardware, and software developers to the cybersecurity standards–in this case, DOD. Government leadership is failing to hold contractors to their proposal that they would meet contractually all cybersecurity requirements.


The above is a redacted version of a review of a DOD system by the Cybersecurity Assessment team assigned to a Acquisition Category (ACAT) system. The Security Technical Implementation Guides (STIG) are required for all DOD IT systems.


EDITOR’S NOTE: The Cyber Sentinel is releasing this for information purposes only about the state of cybersecurity. It is not our intent to divulge specific systems and vulnerabilities. Our commitment is foremost to the safety and security of the nation’s soldiers, sailors, airmen, and Marines deployed around the globe.