The Pentagon has unveiled its inaugural cybersecurity strategy aimed at fortifying the defense industrial base (DIB) against cyber threats. Deputy Defense Secretary Kathleen Hicks emphasized the necessity for resilience in the face of adversaries seeking insights into U.S. capabilities, stressing the importance of collective defense.
This strategy outlines a comprehensive plan spanning fiscal years 2024 through 2027, with a focus on enhancing cybersecurity practices within the vast defense supply chain. It delineates four overarching goals, including the improvement of best practices and the ability to recover swiftly from cyber attacks.
Integral to the strategy is the Cybersecurity Maturity Model Certification program, designed to elevate cybersecurity standards among contractors and ensure compliance and resilience across the DIB. The Pentagon’s concerns about digital vulnerabilities within its supply chain stem from past breaches, such as the 2009 infiltration by suspected Chinese hackers targeting a contractor involved in the F-35 Joint Strike Fighter program.
David McKeown, the Pentagon’s deputy chief information officer for cybersecurity, underscored the persistent threat posed by malicious actors, emphasizing the need for constant vigilance. Specific breach metrics are not provided, but ongoing intrusions necessitate continuous monitoring and prompt patching of vulnerabilities to mitigate risks across the defense industrial base.