Back to news

July 16, 2020 | International, C4ISR, Security

The key to securing the defense industrial base is collaboration

Teresa Shea

With cyber threats constantly evolving and increasing in sophistication, a strong national cybersecurity posture has never been more important. COVID-19 is causing an uncertainty across industry sectors, and criminals as well as adversaries are increasing their cyber-attacks and taking advantage of our increased digital work from home dependence. It is especially important to protect the organizations that comprise the U.S. Defense Industrial Base.

Defined as the “worldwide industrial complex that enables research and development, as well as design, production, delivery, and maintenance of military weapons systems, subsystems, and components or parts, to meet U.S. military requirements,” Defense industrial base networks host mission-critical information and operational assets vital to national security. If infiltrated, the ramifications could plague the U.S. national security strategy, hamper our warfighting edge, create chaos within the critical infrastructure and ultimately undermine adversary deterrence.

To effectively protect the Defense Industrial Base, the government and private sector must both work to secure the U.S. critical infrastructure. Organizations should prioritize collaboration to bolster the nation's cyber resiliency and collectively defend against malicious cyber actors' intent on doing us harm.

Proactively defend networks

It's widely known that, in an ideal world, organizations should stop threats before they reach their targets. However, to deter effectively, organizations need to have real-time situational awareness of their network infrastructure and supply chain, which can be a difficult undertaking.

Threat intelligence information sharing between the government and the private sector companies that comprise the Defense Industrial Base is essential to achieving a strategic view of an advanced threat actor.

Today, targets can only know what is happening to their own assets without insight into the attacker's intent. The Defense Industrial Base Cybersecurity Program allows both the DoD and private companies to share cyber threat information, mitigation and remediation strategies, which helps key players in both sectors increase cyber situational awareness and be more proactive in their security efforts. However, this program is currently voluntary, meaning that the crucial information uncovered within the program is only available to those who proactively join the program. Moving forward, both the public and private sectors must work to enact policies that require collaboration. It is no longer acceptable to rely on incident response protocols, performance assessments of existing systems and one-off reactions to threats without coordination. Increased information sharing is key to staying one step ahead of our adversaries.

Follow government-suggested guidelines

The U.S. government has dedicated time and resources to help secure the Defense Industrial Base, and organizations must act upon the recommendations provided. Earlier this year, the Cyberspace Solarium Commission released a report on the U.S. government's cyber readiness, which found that “the U.S. is currently not designed to act with the speed and agility necessary to defend the country in cyberspace.”

The commission's findings place an emphasis on protecting the Defense Industrial Base's intellectual property, and called on Congress to require that these firms share threat data with the DoD and conduct threat hunting on their networks. Both sharing threat data and conducting threat hunting are proven to result in increased defense of our networks.

A secure future

As noted in a recent LawFare blog, “Cyber-enabled intellectual property theft from the DIB and adversary penetration of DIB networks and systems pose an existential threat to U.S. national security.” Given the abundance of cyber-attacks focused on Defense Industrial Base networks, penetrating them is high on our adversaries' target list. They're currently zeroing in on the U.S. critical infrastructure, attempting to poach the intellectual property that secures our very nation. Until we are willing to come together across sectors to share threat data, and commit to hiring strong talent, we will remain at a disadvantage. Fundamentally, it is about trust and our ability to put the greater defense above individual interests. If accomplished, the U.S. cybersecurity posture and resiliency will remain strong, deterring malicious cyberattacks against our Defense Industrial Base.

https://www.c4isrnet.com/opinion/2020/07/15/the-key-to-securing-the-defense-industrial-base-is-collaboration/

On the same subject

  • Here’s what an intel chief thinks industry needs to know

    August 16, 2018 | International, C4ISR

    Here’s what an intel chief thinks industry needs to know

    By: Mark Pomerleau The director of the Defense Intelligence Agency had a pointed message for members of industry; whatever solution is pitched, it has to be understood in the context of how it will be used. Like many top defense leaders giving presentations nowadays, Lt. Gen. Robert Ashely, speaking Aug. 13 at the DoDIIS conference in Omaha, Nebraska, stressed the need for industry's help going forward to solve DIA's tough problems. However, solutions must not work just in the lab, but also in the operating environment military and intelligence leaders believe forces will be conducting operations in the future. “Through my career I've seen too many times the technology looks great in the lab ... but it doesn't scale to the battlefield,” he said. Full Article: https://www.c4isrnet.com/show-reporter/dodiis/2018/08/15/heres-what-the-dia-director-wants-industry-to-know/

  • Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version

    May 8, 2024 | International, Security

    Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version

    A newer version of the Hijack Loader malware has been observed with updated anti-analysis techniques to evade detection.

  • Royal Australian Air Force and US Air Force technicians on the tools together

    July 29, 2019 | International, Aerospace

    Royal Australian Air Force and US Air Force technicians on the tools together

    For the first time, No. 36 Squadron (36SQN) has worked to get United States Air Force (USAF) C-17A Globemasters back into the air under a new cross-servicing arrangement. Technicians from 36SQN were able to assist the crews of two USAF C-17As on separate tasks in Australia. The work came following both countries agreeing to a C-17A Aircraft Repair and Maintenance Service - Implementing Arrangement (ARMS-IA), which allows RAAF and USAF technicians to work on each other's C-17As. On 4 July , ARMS-IA was enacted to help support a USAF C-17A at RAAF Base Richmond. Warrant Officer (WOFF) Pete Ranson, Warrant Officer Engineering at 36SQN, said the request for assistance came via the Boeing Defence Australia representatives at RAAF Base Amberley. “We supplied a co-pilot Multi-Function Control Panel for the cockpit, fitted it and carried out the associated operational checks to verify the replacement,” WOFF Ranson said. “After that rectification, another unserviceability appeared, and was successfully rectified.” This issue related to a Secondary Flight Control Computer, and saw 36SQN engage fellow RAAF technicians at 37SQN for tooling and consumables. Throughout the repair on the USAF C-17A, RAAF and USAF technicians worked side-by-side. “The issues with the affected aircraft were outside the expertise of the USAF maintenance personnel on that task,” WOFF Ranson said. “The USAF aviation technician trades are more specialised than the RAAF, where we stream to either Aircraft Technician or Avionics Technician.” “We carry a broader experience in a range of tasks, and 36SQN maintenance personnel were able to guide the USAF counterparts in rectifying the jet.” The fix at RAAF Base Richmond came just days after 36SQN technicians assisted another USAF C-17A with a suspected fuel leak fault at Rockhampton. “On that occasion, we sent maintenance personnel to troubleshoot the problem,” WOFF Ranson said. “We found it was a faulty valve and not a fuel leak from the tank, which gave confidence to the USAF crew that they could carry on to an appropriate location to replace the valve.” Group Captain (GPCAPT) Steve Pesce, Officer Commanding No. 86 Wing, said the work of 36SQN technicians had immediately validated the ARMS-IA. “The ARMS-IA recognised the close relationship between RAAF and USAF C-17A communities, and the reality that we operate this aircraft a long way from home,” GPCAPT Pesce said. “Both of these examples witnessed a C-17A getting back on a task much sooner than would have been otherwise possible, which is invaluable support.” “I am very proud of the 36SQN team for the assistance it's rendered to its USAF counterparts.” https://www.jber.jb.mil/News/News-Articles/Article/1917908/royal-australian-air-force-and-us-air-force-technicians-on-the-tools-together/source/GovD/

All news