Retour aux nouvelles

19 décembre 2018 | International, C4ISR

DoD IG: Military networks are exposed to ‘unnecessary’ cyber risks

By:

The military services are exposing networks to “unnecessary cybersecurity risks” thanks in part to a lack of visibility over software application inventories, according to a Department of Defense Inspector General report.

The IG investigated whether DoD components rationalized their software applications by identifying and eliminating any duplicative or obsolete applications. Rationalizing software applications seeks to improve enterprise IT by identifying all software applications on the network; determining if existing applications are needed, duplicative or obsolete; and determining if applications already existing within the network prior to purchasing new ones.

The audit — which focused on Marine Corps, Navy and Air Force commands and divisions — found that the groups examined did not consistently perform this rationalization process. By not having visibility into software application inventories, these organizations were unable to identify the extent of existing vulnerabilities within their applications, the report found.

Moreover, such a process could lead to cost savings associated with eliminating duplicative and obsolete applications.

Fleet Forces Command was the only command the IG reviewed that had a process in place for eliminating duplicative or obsolete applications. The Air Force did not have a process in place to prevent duplication when purchasing new applications.

The report placed blame on the DoD chief information officer for not implementing a solution for software rationalization in response to Federal Information Technology Acquisition Reform Act requirements.

The IG made three recommendations for the CIO, who did not provide a response to draft recommendations:

  • Develop an enterprisewide process for conduction software application rationalization throughout DoD;
  • Establish guidance requiring DoD components to conduct rationalization and require DoD component CIOs to develop implementation guidance outlining responsibilities for rationalization. Such a policy should also require components on at least an annual basis to validate the accuracy of their owned and in use software applications inventory; and
  • Conduct periodic review to ensure components are regularly validating the accuracy of their inventory and they are eliminating duplicative and obsolete applications.

https://www.fifthdomain.com/dod/2018/12/18/dod-ig-military-networks-are-exposed-to-unnecessary-cyber-risks

Sur le même sujet

  • Aircraft makers lumber toward deal for Europe’s next-gen fighter jet

    1 décembre 2022 | International, Aérospatial

    Aircraft makers lumber toward deal for Europe’s next-gen fighter jet

    The Future Combat Air System can proceed, but mistrust and a lack of enthusiasm have colored the program.

  • COVID-19 Relief Bill Adds $10.4B For DoD; OKs Extending Gens. Goldfein, Lengyel & Raymond

    26 mars 2020 | International, Aérospatial, Naval, Terrestre, C4ISR, Sécurité

    COVID-19 Relief Bill Adds $10.4B For DoD; OKs Extending Gens. Goldfein, Lengyel & Raymond

    By THERESA HITCHENS on March 25, 2020 at 3:22 PM WASHINGTON: Congress is likely to approve almost $9.4 billion for the Defense Department to use to attack COVID-19 — a sum that includes direct operations and maintenance funding to the services, the National Guard and reserves. There is an additional $1 billion in the bill that may be made available for contracting under the TRICARE health care program — bringing the entire package to $10.4 billion. The DoD funding is part of the $2 trillion relief deal being beaten out between the White House and Congress, that includes significant assistance to the defense industry. “The administration's thinking about how to use the military has evolved substantially from the supplemental proposal the administration submitted just last week,” notes Mark Cancian, a defense budget expert at the Center for Strategic and International Studies. “In that proposal, DoD's funding consisted of an $8.3 billion transfer account. DoD would later decide where to put the money. In this bill, the amount has grown to $10.4 billion, and the destination accounts have been specified, though there is still a lot of uncertainty and slushy-ness.” According to the draft bill obtained by Breaking Defense, the biggest chunk goes to the Defense Health Program “to prevent, prepare for, and respond to coronavirus, domestically or internationally.” The program is allocated $3.8 billion, of which $3.4 billion is for operations and maintenance; $415 million is for research, development, test and evaluation. The funds will remain available until Sept. 30, 2020. The TRICARE funds are provided in a separate section, but will be available until Sept. 30, 2021. The Defense Working Capital Fund — which allows DoD to make investments in things like depot maintenance, transportation, and supply management in the near term and recoup the costs through future year pricing deals — gets $1.5 billion. The bill would add $160 million in O&M funding to the Army budget; $360 million to the Navy; $90 million to the Marines; and $155 million to the Air Force. Defense wide O&M funds would be pumped up by $828 million. The Army National Guard is set to receive $187 million in O&M dollars and the Army Reserve is allocated $48 million; the Air National Guard would receive another $76 million. The Army and Air National Guards also would receive a plus up of $750 million and $480 million respectively in military personnel funds. Apart from new funds, the draft bill would allow President Donald Trump to extend the tenure of Air Force Chief Gen. David Goldfein, Space Force Chief Gen. Jay Raymond, and National Guard Bureau Chief Gen. Joseph Lengyel, among other military leaders set to retire — a move apparently made to avoid a change of hands during the current crisis. The extension can be for up to 270 days. Goldfein currently is set to retire in June. Raymond is doubled-hatted as chief of the Space Force and head of Space Command, but only for a year as mandated by the 2020 National Defense Authorization Act. Further, while DoD is given wide latitude to move the new money around to where it is needed, it specifically bans any funds being moved to fund Trump's southern border wall by preventing any transfer to DoD “drug interdiction or counter-drug activities.” Finally, Cancian noted that the language gives DoD “flexibility on contracts and contract decision authority.” The bill would allow DoD Secretary Mark Esper able to delegate authorities for emergency transactions at his discretion. https://breakingdefense.com/2020/03/covid-19-congress-likely-to-slate-9-4b-to-dod-for-response

  • White House radio spectrum access plan may benefit internet, drones

    13 novembre 2023 | International, Aérospatial

    White House radio spectrum access plan may benefit internet, drones

    As much as 2,786 megahertz of spectrum may be repurposed for wireless broadband, drones and satellites.

Toutes les nouvelles