DOD will soon set information assurance standards

DOD will soon set information assurance standards

In a few weeks, Defense Department CIO John Stenbit will release a directive setting standards for information assurance.

The directive, DOD 8500, will lay out requirements to guide Defense agencies on how to secure their networks. The policy is expected to cover everything from access control capabilities to high-speed firewall protection and will be linked to initiatives in the intelligence agencies.

The directive aims for a layered security approach, or defense in depth, said Bob Lentz, director of information assurance for the Office of the Assistant Secretary of Defense for command, control, communications and intelligence.

It will establish baseline controls so users can keep the requirements in mind as they design networks, acquire products and implement lifecycle decisions, Lentz said. The purpose of DOD 8500 moves beyond encryption, Lentz added, even though all 3 million Defense users will be required to log on and to sign e-mails using a public-key infrastructure by October 2003.

Lentz said the Defense policy will give warfighters a greater sense of situational awareness by securing one of their most precious resources during wartime: information.

'Warfighters must be able to trust all of the information that they need,' Lentz said. '[Information] must be dynamic with reduced possibilities of error.'

Lentz spoke yesterday at the 2002 Military Communications Conference in Anaheim, Calif.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.