Naval Sea Systems Command has added cybersecurity to its overall strategic business plan originally released last year in an effort to create a common approach to cyber threats and to more clearly define requirements for contractors.

The updated plan released Wednesday said that given the increasing threats in the cyberspace the Navy needs systems that are developed with cybersecurity capabilities from the start and that they need to be adaptable to meet emerging threats.

NAVSEA Image
NAVSEA Image

“We must build cybersecurity defenses into our systems from the ground up –as we design these systems –and not as an afterthought,” Vice Adm. William Hilarides, the commander of NAVSEA, said in a statement accompanying the document’s release. “Many of our ship systems and controls are no longer manual or hydraulic, but controlled through electronic commands.”

“We must ensure these systems and the systems we use to monitor their performance don’t create pathways that allow hackers to compromise our ships’ missions the way hackers have been able to take over cars through the satellite communications systems,” Hilarides said.

The Strategic Business Plan 2013-2018 says one objective is to establish clear responsibility for cybersecurity requirements for NAVSEA contractors, and for the command to play a greater role within the Navy in the development of specifications and standards.

The plan said NAVSEA should also develop standardized contracting language for prime and sub contractors to ensure they are consistently meeting requirements, and to develop new contracting processes that can move quickly to address emerging cyber threats.

“Today’s battle space is becoming increasingly complicated,” the plan says. “Our ability to secure the information and data we create and use every day, from our foundational systems to those that operate our ships, platforms and weapons, is absolutely critical.”