LOUISVILLE, KY. — The Department of Energy’s former chief information officer warns the federal government will become more demanding on cyber security requirements for contractors, and that it’s likely to be costly and time-consuming.
“Agencies are updating policies,” Rocky Campione, vice president of cybersecurity and technology solutions for Boston Government Services, said here Wednesday. Campione told participants in the Exchange Monitor’s Radwaste Summit that while it won’t happen overnight, more government cyber rules are on the way.
“When they get around to it, they are going to update your contract,” Campione said. While it is not going to happen tomorrow, “you need to prepare,” he added.
There could “be a lot of cost” in cyber provisions of new contracts, Campione said. Tighter regulation of cyber in government contracts is on the way, regardless of who wins the November election, he added. Cyber security procedures have gotten tighter in every presidential administration of the internet age, Campione said.
The higher costs stemming from cyber requirements must be taken into account by companies with fixed-price contracts with the government, Campione said.
There have been a growing number of headline-grabbing cyber attacks across the globe in recent years, Campione said. Many affected international security and others like the Colonial Pipeline attack hit energy infrastructure.
Campione pointed to DOE’s aggressive investment in electric vehicles. “A Tesla is a phone surrounded by a car,” he said.
Tesla has cameras in its cars, which is not allowed “inside the fence” of some secured areas, Campione said.