General Atomics Aeronautical Cybersecurity
General Atomics is committed to protecting and securing critical industry information and responding vigilantly to the growing threat posed to our customers. It is our aim to keep information in the right hands. As required by our Supplier Code of Conduct, Suppliers will respond vigilantly to the growing threat of cyber warfare and will proactively secure virtual and physical hardware while reporting and mitigating any compromise of systems or information.
In the News: Cybersecurity Maturity Model Certification (CMMC)
The Department of Defense (DoD), Under Secretary of Defense for Acquisition and Sustainment (OUSD(A&S)) has placed increased emphasis on compliance with cybersecurity standards that proactively enhance the protection of Controlled Unclassified Information (CUI) within the supply chain. According to the (OUSD(A&S)) the CMMC “combine[s] various cybersecurity standards and best practices and map[s] these controls and processes across several maturity levels,” with an added verification by DoD certified 3rd party organizations. Look for more information as DoD moves toward implementation.
- Guidance for Assessing Compliance and Enhancing Protections Required by DFARS Clause 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting
- Department of Defense Procurement Toolbox – Cybersecurity Policy & Regulations
- Department of Defense Procurement Toolbox – Cybersecurity Resources
- Department of Defense Chief Information Officer
- National Institute of Standards and Technology (NIST) Cybersecurity Self-Assessment Handbook
- Department of Homeland Security Industrial Control Systems Cyber Emergency Response Team (CERT)
- NIST Controlled Unclassified Information System Security Plan (SSP) Template
- NIST Free and Low Cost Online Cybersecurity Learning Content
- Center for Development of Security Excellence - Deliver Uncompromised Toolkit
Cybersecurity Resources for Small Businesses
- NIST Small Business Cybersecurity Corner
- Department of Defense – Office of Small Business Programs - Cybersecurity
- Small Business Administration – Cybersecurity for Small Business
- Federal Communications Commission Small Business Cyber Planning
Protection of Controlled Unclassified Information
- Protecting DoD's Unclassified Info - Part 1
- Protecting DoD's Unclassified Info - Part 2
- Protecting DoD's Unclassified Info - Part 3
If your business has been the victim of, or suffered a cybersecurity incident, contact the Department of Defense at https://dibnet.dod.mil within 72 hours of a discovered incident. Follow all instructions provided by the Contracting Officer; and isolate and freeze affected systems and data. Do not delete any information related to, or suspected to be related to the incident. If GA or GA customer information is the subject, please provide the incident report number, automatically assigned by DoD, to your GA Buyer as soon as practicable.