The business world contains many acronyms, but they are rarely defined by the people who already know what they mean. If you read the papers and follow business news, you may have seen the term DIB without an explanation.
What Is the DIB?
The Defense Industrial Base Sector is the group of companies and manufacturers that provide products and services to outfit and support military operations. The DIB consists of manufacturing companies to meet the current requirements of the military, and research facilities to anticipate their future needs.
There are more than 100,0000 companies in the defense industry, and these companies perform under the contract of the Department of Defense and provide materials and services directly to the government.
The DIB does not include infrastructure providers such as power or utilities that the Department of Defense uses to support military operations.
Does the DIB Include Only American Companies?
Defense Industrial Base companies include not only American companies but also foreign entities. Production assets are located in many countries across the globe.
How Do Businesses In the DIB Sector Get Contracts?
Government contracts are put up for bid, and companies and entities in the DIB bid on them to win contracts. In general, there are three different categories for federal contracts.
- Micropurchase: contracts that are generally less than $3000 and are not advertised
- Simplified Acquisition Procedure: contracts reserved for small businesses, broken down into contracts between $3,000 and $25,000 which are usually not advertised, and contracts between $25,000 and $150,000 which are advertised on government websites.
- Formal/Large Contract: contracts for jobs over $150,000.
Do Some DIB Contracts Contain Sensitive Information?
Government contractors are often responsible for sensitive information. This leaves them vulnerable to cyberattacks.
Defense contractors are responsible for protecting the Controlled Unclassified Information that they have access to while executing government orders.
How Can Companies Protect CUI?
The government had developed the Cybersecurity Maturity Model Certification program to aid organizations in the pursuit of keeping all CUI safe. The program provides guidelines for companies to follow to ensure the cyber safety of their data.
How Does the CMMC Work?
The CMMC defines three levels of users and the requirements they must meet to obtain CMMC certification.
Level 1: Foundational
Companies that focus on the protection of FCI require a Level 1 certification. Level 1 requirements are based on the 17 controls in the Basic Safeguarding of Covered Contractor Information.
Level 2: Advanced
Companies that work with CUI will need a Level 2 certification. The requirements for this mirror those detailed in the National Institute of Standards and Technology SP 800-171.
Level 3: Expert
Organizations that work on the Department of Defense’s highest priority programs must focus on reducing the risk from Advanced Persistent Threats. CMMC Level 3 has standards to help them succeed.
Achieving CMMC compliance assures the government that independent contractors are capable of protecting the sensitive data and information that they have access to when executing government contracts.
The Defense Industrial Base sector is a worldwide network of companies and organizations that produce the products and ideas that keep the United States Military operating at the top of their game.