Understanding and managing risk for all Information Technology (IT) is of paramount importance. The Air Force office of the Chief Information Security Officer supports U.S. Air Force core missions by ensuring the cybersecurity and resiliency of systems, information, and staff, and provides information to help Small Businesses frame their Cybersecurity approach. 

Small Businesses can outline their efforts to address cybersecurity through preparation for a Risk Management Framework assessment and compliance with numerous federal regulations. The Department of the Air Force will assist all information technology in the formulation of Cybersecurity Strategy. The Cybersecurity Strategy is a required acquisition document that details how a program will ensure the information technology can protect and defend itself from a cyber-attack. The Department of the Air Force is migrating to the cloud and has aligned software development efforts towards Cloud One, Platform One, and Software Factors. It is important to establish your DevSecOps in a secure Cloud environment that meets your business needs. 

The Air Force office of the Chief Information Security Officer has outlined a memo for “Cyber Security and Resiliency Information for Small Businesses”. Check back for the official memo.

Also provided is a template to address the formulation of a holistic cybersecurity strategy and a list of Frequently Asked Questions. Check back for links to the template and FAQ documents. 

If you still have questions, ask them via the Air Force SBIR/STTR Help Desk at usaf.team@afsbirsttr.us.