Wharton Aerospace & Defense Report

Defense Contractors Worried about New Pentagon Regulations on Unclassified DataNovember 18, 2011

The Pentagon is set to introduce new regulations to safeguard even unclassified information that might be on contractor networks, The Washington Post reported. Meanwhile, contractors are nervous about potential added costs.

The proposed regulation would require defense contractors to use cyber security to protect against intrusions and report them to the Pentagon, according to the Post. The new rules would affect nearly 50,000 small businesses. The Post reports that companies could be required to use either a "basic" or "enhanced" level of protection for the Pentagon's unclassified information. Under the proposed rules, companies must both report hacking attempts to the Pentagon and cooperate in investigations.

Trade industry representatives are concerned about added costs. "What you're doing is applying a government system of security … in a private sector environment that is likely to be far more diverse in terms of its architecture, in terms of its systems, in terms of its size," said Benjamin A. Powell, a partner in WimerHale's regulatory and government affairs department, according to the Post.

Other concerns: Companies are unclear about the scope of the data that needs protection, and industry advocates said no clear guidelines exist on how to implement such plans.