Defending Defense Industry From Cyberattacks Requires More Cooperation

  • The Defense Department relies on thousands of companies to create cutting-edge capabilities for US troops.
  • Those companies face growing threats in cyberspace, and the Pentagon is working to frustrate, disrupt, and defeat the adversaries behind them.
  • John Sherman is the chief information officer for the Department of Defense.

The Department of Defense relies on the entrepreneurial companies and innovative, hard-working employees of the Defense Industrial Base (DIB) to create cutting-edge capabilities for our warfighters.

Through procurement from private-sector sources, the department leverages the commercial sector’s best technologies and innovations to provide our service members with the battlefield advantages they need to win decisively whenever called upon to fight.

DIB cybersecurity is — and will — remain an expanding priority for the US Department of Defense. More than 220,000 companies provide value to the department’s force development, and the DIB now faces increasingly sophisticated and well-resourced cyber-attacks that must be stopped.

These cyberattacks, often backed by American adversaries, threaten the US and the rules-based order on which the global economy relies. Markets cannot function effectively in an environment where adversarial countries use their national power to steal intellectual property, sabotage commercial activity, and threaten supply chains.

Lockheed Martin GPS III satellite

GPS III satellite solar arrays undergo testing in a clean room at a Lockheed Martin facility near Denver, June 23, 2017.

Pat Corkery/Lockheed Martin via AP

Recent examples of malicious cyber activity, such as the Colonial pipeline


attack and Solarwinds espionage campaign, show that our adversaries continue to evolve how they exploit cyberspace to steal sensitive information and disrupt systems.

These adversaries are maneuvering to infiltrate where they can, especially where they see weak links in the cybersecurity of the supply chain.

The size and complexity of the defense procurement ecosystem offers numerous paths for adversaries to access sensitive systems and information. New entry points are created daily as companies use technologies in new and innovative ways across supply chains.

The DoD’s approach to defense industrial base cybersecurity

Army depot computers cybersecurity

Employees at Tobyhanna Army Depot in Pennsylvania working cybersecurity operations.

US Army/Thomas Robbins

While every component of the department contributes to our cybersecurity, the DoD chief information officer is responsible for our cybersecurity strategies, plans, programs and governance processes, including the department’s DIB cybersecurity strategy.

DoD organizes DIB cybersecurity around four lines of effort to frustrate, disrupt, and defeat adversaries’ efforts to infiltrate cyberspace. Those include:

Incident reporting — The DoD Cyber Crime Center (DC3) is the clearinghouse for the Mandatory Incident Reports (MIR) that are required by federal acquisition regulations. Any company that suspects intellectual-property theft or exploitation of entrusted controlled unclassified information has a duty to report it. In turn, DoD offers response and mitigation assistance to companies who have been breached, uses the attack intelligence gathered to assist other DIB companies, and performs programmatic assessments to determine the damage caused by the potential loss of intellectual property.

Threat information and intelligence sharing — The department is committed to sharing information with private companies that hold some of our most sensitive information. With its advanced cryptology, signals intelligence, and cybersecurity capabilities, DoD serves as an invaluable partner to the private sector. A voluntary public-private cybersecurity partnership between DoD and DIB allows us to share information and intelligence through special events, intel sharing platforms, and regular communications. The department has two centers dedicated to making this effort stronger.

  • First, the National Security Agency’s Cyber Collaboration Center shares intelligence-informed indicators and cyber threat information to enable DIB partners to more effectively combat adversarial intrusions before they occur.
  • Second, the DC3 provides digital and multimedia forensics, specialized cyber training, technical solutions development, and cyber analytics for key mission areas. A critical function of DC3 is to provide non-attributional threat information reports to companies in the DIB CS program. DC3’s Defense Industrial Base Collaborative Information Sharing Environment (DCISE) serves as the operational hub for the DIB’s Cybersecurity Program. Any Cleared Defense Contractor interested in getting regular threat information and technical assistance should go to the DIB Cyber Incident Reporting & Cyber Threat Information Sharing portal.

Cybersecurity technical assistance and collaboration — To help businesses improve their cybersecurity, the department has developed a variety of cybersecurity services. For instance, the DC3 DIB Collaborative Information Sharing Environment (DCISE) portal allows access (with registration) to tools such as Krystal Ball, which provides DIB companies with automated “outside-in” assessment of their cybersecurity vulnerabilities.

The site also contains useful self-assessment survey capabilities to aid DIB companies in understanding areas for improvement in their cybersecurity posture.

The NSA Cyber Collaboration Center harnesses the power of cooperative industry partnerships to prevent and eradicate foreign cyber threats. NSA offers several capabilities to enhance DIB cybersecurity, such as Protective Domain Name Systems, improved email security, and continuous external vulnerability scanning.

These services and others are already improving cybersecurity readiness, resiliency, and compliance across DoD’s supply chains. We plan to continue expanding the customer base for these offerings and to pursue additional new innovative cybersecurity solutions that will make it easier for businesses to adopt the right practices.

DIB cybersecurity requirements and assessment mechanisms — The DoD has a responsibility to protect information important to national security that we have entrusted to the private sector.

We are taking a “trust, but verify” approach that recognizes many small businesses are still building their cybersecurity capabilities.

Recognizing that the initial approach to Cybersecurity Maturity Model Certification (CMMC) was driving unnecessary cost for industry, DoD revamped the program (CMMC 2.0) to streamline requirements and processes, while protecting the defense industrial base from increasingly frequent and complex cyberattacks. With its streamlined requirements, CMMC 2.0 cuts red tape for small- and medium-size businesses, prioritizes the protection of DoD information that’s necessary for national security, and reinforces cooperation between the DoD and industry in addressing evolving cyber threats.


F-35 factory assembly line

Workers assemble an F-35 at Lockheed Martin’s factory in Fort Worth, Texas, October 13, 2011.

REUTERS/Lockheed Martin/Randy A. Crites

Defense industrial base cybersecurity is and will remain an expanding priority for the US Department of Defense.

With increased reporting, improved information sharing, technical assistance, and our revamped assessment mechanisms, we are committed to ensuring businesses can secure the nation’s sensitive information when it is on their networks.

Through these and other efforts, DoD seeks to strengthen national security through greater collaboration with the DIB.

Hon. John Sherman is the chief information officer for the Department of Defense.

Source News