Operating your A&D supply chain in a DFARS compliant world

The Aerospace and Defense (A&D) sector is experiencing strong growth following multiple years of weak progress. Factors such as global tensions and aging fleets have combined with technological advancements, engineering innovation and superior product design to fuel this historic growth.

The supply chains of these companies will continue to grow in complexity and size. As they do, they’ll become more vulnerable to threats from natural disasters and malicious attacks, both physical and technical. Intellectual property in this sector is a critical business asset — leaving it unprotected can lead to counterfeit parts, reverse engineering, espionage through vulnerable devices, and attacks that could possibly shut down business for extended periods of time.

Now, more than ever, protecting IP is critical. To ensure national and global security, domestic and international economies must maintain a supply chain that operates smoothly while securing it from threats around the world.

The Defense Federal Acquisition Regulation Supplement (DFARS) NIST SP 800-171 supply chain program established 109 new cybersecurity technology and security policy requirements.  These new requirements address managing and protecting defense and controlled unclassified information (CUI) through standardization of security technology and procedures. Department of Defense (DoD) suppliers have until December 31, 2017 to become compliant with these requirements or risk losing current and future contract awards with the government.

Many organizations within the DoD supply chain are racing to find solutions to the 53 technology and 56 policy based requirements. Many businesses are struggling, especially small and medium sized organizations, with a lack of resources to address NIST SP 800-171 on their own.

To attain DFARS compliance, A&D companies will need a supply chain that better fosters collaboration and is supported by digital capabilities that align to DFARS requirements. Here are three keys to keep in mind:

  • Manage Disruption Effectively: Supply chain disruptions are comon given the number of physical and technical handoffs that can take place. This environment is rife for nefarious actors to disrupt it physically and technically.  Meeting the 56 technical and 53 policy based requirements helps to ensure DFARS compliance, but it doesn’t mean that bad guys will not attack. Stay aware of what is happening in your physical and technical environments to minimize disruption.
  • Establish a Connected Platform: Digital connections across your supply chain are key to delighting your customers. It is essential that your digitally connected supply chain is DFARS compliant. Using workflow and automation tools in the cloud that are configured to meet DFARS requirements will help to ensure you are compliant and safe.
  • Keep Up with Growing Requirements: DFARS is not a one trick pony. As cybersecurity challenges become more complex, additional requirements will come into play. Stay diligent and continually make DFARS upgrades while building additional security mechanisms on top of new DFARS requirements.

The A&D industry will continue to be challenged by threats of all kinds — natural, physical, or technological.  Regulatory requirements will continue to grow to protect our precious IP and supply chain.  Digital connections and enablement will thwart these threats and be required to survive in this dynamic environment.  DXC offers DFARS-specific solutions as well as digital transformation capabilities to allow A&D companies and their extended supply chain partners to thrive in this ever changing environment.

Chris-Lennon-headshotChris Lennon is DXC’s Chief Technologist for Aerospace & Defense, Americas. He is responsible for providing strategic guidance and customer oversight for existing and emerging technologies and their use in A&D to improve our customers’ business performance.


Speak Your Mind


This site uses Akismet to reduce spam. Learn how your comment data is processed.