Robert Lentz, a senior DOD information assurance official, told lawmakers last week he saw "no problem" in the development of higher data security standards for contractors working on military systems.
Lentz made the comment during a hearing of the House Armed Services terrorism, unconventional threats and capabilities subcommittee hearing, when he was asked whether Pentagon officials were getting pushback from contractors against such regulations.
"No, we're not," Lentz replied. "In fact they're asking for that language."
Hackers have repeatedly, and presumably successfully, attempted to lift unclassified but sensitive information about U.S. weapon systems from defense companies' computer networks.
In his final press conference late last month, former Pentagon acquisition czar John Young hinted at an internal debate about the cost of the added information assurance on contractor networks, particularly with respect to existing contracts.
"We've got to accept the reality that people don't like. And that is we have awarded contracts ((where)) the government is probably going to go in and . . . ask people to set a higher standard for their information assurance processes.
"It's probably going to cost us some money. Nobody wants to come to grips with that. But the reality is we've got to come to grips with it."
Looking back his tenure at the Pentagon, Young said he should have "pushed harder" on the issue.