Saab Australia, BAE Systems Australia, industry and government have developed the Cyber Framework for the Defense Industry (CFDI) to measure and increase the cyber resilience of SMEs wishing to work on defense programs. The CFDI has been adopted by 12 implementers providing a standardized approach to assessing cyber maturity as well as a guide to improving protection levels for SMEs.
Saab Australia chief executive Andy Keough said the new framework will reduce barriers to entry for SMEs into defense supply chains by providing a common cybersecurity assessment tool. “SMBs currently face a different and complex security assessment process each time they work with a different defense prime,” Keough said. “By developing this framework, we have reduced red tape, making it easier for SMEs to seize opportunities in the defense sector. By the very nature of their size, many SMEs lack the resources or expertise to upgrade their information processing or cyber protection skills to meet defense requirements. This framework gives them a clear roadmap to achieve the required levels of cyber maturity.
BAE Systems Australia’s chief information and digital officer, Michael Salas, said the company wants more Australian SMEs to supply services and new technologies to defense programs as a more diverse supply chain enables greater levels of innovation. “The Cyber Framework is a good start for SMEs that want to self-assess their level of cyber risk,” he said. “They can undertake a rapid assessment of their cyber maturity which then leads to the identification of key areas to invest in and improve a company’s defenses. This leads to improved cyber maturity of our defense supply chain and better results for our client.
The CFDI was developed in collaboration by Saab Australia and BAE Systems, the Center for Defense Industry Capability and the Australian Cyber Security Centre.