Back to news

December 19, 2018 | International, C4ISR

DoD IG: Military networks are exposed to ‘unnecessary’ cyber risks

By:

The military services are exposing networks to “unnecessary cybersecurity risks” thanks in part to a lack of visibility over software application inventories, according to a Department of Defense Inspector General report.

The IG investigated whether DoD components rationalized their software applications by identifying and eliminating any duplicative or obsolete applications. Rationalizing software applications seeks to improve enterprise IT by identifying all software applications on the network; determining if existing applications are needed, duplicative or obsolete; and determining if applications already existing within the network prior to purchasing new ones.

The audit — which focused on Marine Corps, Navy and Air Force commands and divisions — found that the groups examined did not consistently perform this rationalization process. By not having visibility into software application inventories, these organizations were unable to identify the extent of existing vulnerabilities within their applications, the report found.

Moreover, such a process could lead to cost savings associated with eliminating duplicative and obsolete applications.

Fleet Forces Command was the only command the IG reviewed that had a process in place for eliminating duplicative or obsolete applications. The Air Force did not have a process in place to prevent duplication when purchasing new applications.

The report placed blame on the DoD chief information officer for not implementing a solution for software rationalization in response to Federal Information Technology Acquisition Reform Act requirements.

The IG made three recommendations for the CIO, who did not provide a response to draft recommendations:

  • Develop an enterprisewide process for conduction software application rationalization throughout DoD;
  • Establish guidance requiring DoD components to conduct rationalization and require DoD component CIOs to develop implementation guidance outlining responsibilities for rationalization. Such a policy should also require components on at least an annual basis to validate the accuracy of their owned and in use software applications inventory; and
  • Conduct periodic review to ensure components are regularly validating the accuracy of their inventory and they are eliminating duplicative and obsolete applications.

https://www.fifthdomain.com/dod/2018/12/18/dod-ig-military-networks-are-exposed-to-unnecessary-cyber-risks

On the same subject

  • The Netherlands to buy nine more F-35s for $1.1 billion

    October 9, 2019 | International, Aerospace

    The Netherlands to buy nine more F-35s for $1.1 billion

    By: Sebastian Sprenger COLOGNE, Germany – The Dutch government on Tuesday announced plans to purchase nine more of Lockheed Martin's F-35 jets, a move that would bring the country's inventory to 46. The envisioned €1 billion acquisition will “lay the foundation” for a third F-35 squadron in the Dutch air force, a plan that government officials first floated in late 2018, according to a statement posted on the defense ministry website. The additional aircraft are expected contribute to the air force's objective of having four jets available for NATO missions while also performing homeland defense operations and accounting for training requirements and maintenance downtime. Fully rounding out a third squadron would require 15 extra planes, however, alliance officials have previously told the Dutch, prompting talk in the Netherlands last year of a potentially higher number eventually. The Dutch want the F-35 to replace their legacy fleet of F-16s. Neighbor Belgium selected the fifth-generation aircraft in the fall of 2018, announcing a planned buy of 34 copies. Dick Zandee, a defense analyst at the Clingendael think tank in The Hague, told Defense News the announced acquisition of nine more F-35s enjoys “broad support” in the Dutch parliament. He said government leaders had already included the new aircraft spending in their annual report to NATO to show momentum in the country's move toward spending 2 percent of gross domestic product on the military. Government officials have told parliament that they want to give the American program office a formal notice to buy the additional jets before the end of the year, Zandee said. The Dutch want F-35s of the newest configuration, he added, which means any changes in the international delivery schedule caused by the recent Turkish expulsion from the F-35 program likely would play no role. The Trump administration has kicked Turkey out of the program over the country's purchase of the Russian S-400 air-defense system. American officials fear that co-locating the two systems could enable Russia to glean valuable intelligence about the planes simply by subjecting them to the S-400′s sensors. https://www.defensenews.com/global/europe/2019/10/08/the-netherlands-to-buy-nine-more-f-35s-for-11-billion

  • Kratos Wins $579M Single Award IDIQ for Space Force SATCOM C2 System

    February 15, 2024 | International, Land

    Kratos Wins $579M Single Award IDIQ for Space Force SATCOM C2 System

    The CCS-C program develops the C2 system for most U.S. MILSATCOM systems including the Defense Satellite Communications System, Milstar, Wideband Global SATCOM and Advanced Extremely High Frequency satellites.

  • Lockheed drops US Air Force tanker bid; partner Airbus to go it alone

    October 23, 2023 | International, Aerospace

    Lockheed drops US Air Force tanker bid; partner Airbus to go it alone

    Lockheed's tanker would have been a variation on Airbus's A330 Multi Role Tanker Transport. Airbus now plans to respond to the Air Force's tanker request.

All news