Back to news

December 19, 2018 | International, C4ISR

DoD IG: Military networks are exposed to ‘unnecessary’ cyber risks

By:

The military services are exposing networks to “unnecessary cybersecurity risks” thanks in part to a lack of visibility over software application inventories, according to a Department of Defense Inspector General report.

The IG investigated whether DoD components rationalized their software applications by identifying and eliminating any duplicative or obsolete applications. Rationalizing software applications seeks to improve enterprise IT by identifying all software applications on the network; determining if existing applications are needed, duplicative or obsolete; and determining if applications already existing within the network prior to purchasing new ones.

The audit — which focused on Marine Corps, Navy and Air Force commands and divisions — found that the groups examined did not consistently perform this rationalization process. By not having visibility into software application inventories, these organizations were unable to identify the extent of existing vulnerabilities within their applications, the report found.

Moreover, such a process could lead to cost savings associated with eliminating duplicative and obsolete applications.

Fleet Forces Command was the only command the IG reviewed that had a process in place for eliminating duplicative or obsolete applications. The Air Force did not have a process in place to prevent duplication when purchasing new applications.

The report placed blame on the DoD chief information officer for not implementing a solution for software rationalization in response to Federal Information Technology Acquisition Reform Act requirements.

The IG made three recommendations for the CIO, who did not provide a response to draft recommendations:

  • Develop an enterprisewide process for conduction software application rationalization throughout DoD;
  • Establish guidance requiring DoD components to conduct rationalization and require DoD component CIOs to develop implementation guidance outlining responsibilities for rationalization. Such a policy should also require components on at least an annual basis to validate the accuracy of their owned and in use software applications inventory; and
  • Conduct periodic review to ensure components are regularly validating the accuracy of their inventory and they are eliminating duplicative and obsolete applications.

https://www.fifthdomain.com/dod/2018/12/18/dod-ig-military-networks-are-exposed-to-unnecessary-cyber-risks

On the same subject

  • Second Trump presidency could mean harder line with defense industry

    November 19, 2024 | International, Aerospace

    Second Trump presidency could mean harder line with defense industry

    Trump touted his administration's renegotiation of the Air Force One contract with Boeing as an example of how he could cut defense costs.

  • Lockheed bests General Dynamics for Army long-range jammer contract

    June 27, 2023 | International, C4ISR

    Lockheed bests General Dynamics for Army long-range jammer contract

    Under the new arrangement, Lockheed will build a prototype of the Terrestrial Layer System-Echelons Above Brigade at its facility in Syracuse, New York.

  • Stealthier Tanks Are On The Way

    August 7, 2018 | International, Land

    Stealthier Tanks Are On The Way

    BY JOHN WATTS Several tech trends will make tomorrow's tanks harder to spot — and that may have strategic implications. Truly game-changing technology does not develop in isolation. It results from the convergence of multiple trends and usually the combination of multiple technologies. For example, today's social-media platforms did not arise from internet connectivity alone. Rather, they evolved iteratively over multiple generations of technological development, incorporating the miniaturization of digital cameras, the increase in portable computing power of smartphones, and advances in cellular connectivity. In that context, a cluster of technological trends may be converging to produce a potentially transformative battlefield capability: “stealth tanks.” This concept is not new and there is no certainty that these new technological developments will fully scale or prove operationally effective. But as these technologies develop they hint at possibilities that warrant serious discussion about their potential application to armored vehicles, as well as their operational and politico-strategic implications. By “stealth,” we do not mean invisibility. Rather, it is a collection of technologies designed to reduce an object's observable signature, thereby making detection more difficult. Even if temporary or incomplete, stealth provides a significant tactical advantage. Aircraft achieve stealth through a decreased radar cross section which incredibly complicates detection. Full Article: https://www.defenseone.com/ideas/2018/08/stealthier-tanks/150276/

All news