News   Science & Tech

DOD Working to Improve Cybersecurity for Its Industrial Base

March 3, 2022 | BY David Vergun , DOD News

The Defense Department's industrial base is huge, encompassing some 220,000 companies. With criminals and nefarious state actors intent on stealing intellectual property or taking down networks, cybersecurity is a huge concern for the department, the companies and national security. 

A worker works on aircraft.
Talon Maintenance
Contractors conduct routine maintenance on a T-38 Talon inside a maintenance hangar at Vance Air Force Base, Okla., Feb. 10, 2020.
Photo By: AIr Force Senior Airman Taylor Crul
VIRIN: 200210-F-CQ002-1035

As a result, the department is bolstering defense industrial base cybersecurity by sharing threat information, offering easy-to-implement ways the industrial base can shore up its own cyber defenses, and looking for ways to make further improvements as the threat continues to evolve, according to a DOD panel that spoke during a recent town hall

"I think we've thwarted a good number of attacks by our intelligence sharing and your sharing of information about things going on in your network," said David McKeown, DOD's chief information security officer and deputy chief information officer for cybersecurity. 

In addition to intelligence sharing, the department requires industrial base companies to achieve Cybersecurity Maturity Model Certification, which sets the minimum cybersecurity requirements for companies, he said, noting that the department has been working to streamline those requirements to make it easier for companies to comply. 

He also said the department wants companies to review the National Institute of Standards and Technology's special publication 800-171, "Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations."'

Worker works on aircraft.
Aircraft Work
Wayne Daigle, 3D media project manager, closes a B-1B Lancer aircraft auxiliary power unit access panel at Dyess Air Force Base, Texas, Aug. 3, 2020. Daigle and another contractor serviced the APU after completing training on a virtual reality system.
Photo By: Air Force Staff Sgt. David Owsianka
VIRIN: 200803-F-CB366-1062A

A third requirement, he said, is that if there's a major cybersecurity breech, it must be reported within 72 hours to the DOD Cyber Crime Center. The center’s hotline is 410-981-0104 or 877-838-2174, and the website is https://dibnet.dod.mil.  

"We would love to see you go beyond those requirements," McKeown said. 

An excellent place to start is by visiting https://dibnet.dod.mil, which is DOD's gateway for defense contractor reporting and voluntary participation in DOD's Defense Industrial Base Cybersecurity Program, he said. 

On that site, companies can report a cyber incident, as well as become a DOD voluntary public-private cybersecurity partner, he said. The site also has points of contact for anyone having questions or needing additional information. 

A worker cuts steel.
Hangar Work
Jamal Outlaw cuts a flat bar in the hangar bay aboard the aircraft carrier USS John C. Stennis in Norfolk, Va., March 10, 2020.
Photo By: Navy Petty Officer 3rd Class Jarrod A. Schad
VIRIN: 200310-N-HX510-2016A

DOD Partnerships 

The defense industrial base is one of 16 critical infrastructure sectors, identified in the presidential policy directive "Critical Infrastructure Security and Resilience", said Kristi Hunt in the office of the undersecretary of defense for policy. 

That document spells out the policy for how the federal government will work to build trust with those sectors, how those sectors will work with other sectors, and how the whole effort for public-private partnership will advance national unity of effort to strengthen and maintain secure functioning and resilient critical infrastructure, she said. 

Hunt said her agency works closely with the Department of Homeland Security and the Office of the Director of National Intelligence, sharing mitigation strategies, threat indicators, critical incidents and best practices. 

Kristina Walter, chief of defense industrial base cyber defense at the National Security Agency, said, "NSA has great insight into foreign actors targeting DOD Information on DOD networks, national security system as well as defense industrial base networks." 

A worker drills steel.
Ship Driller
Newport News Shipbuilding contractor Pablo Negrete drills holes in a support beam aboard the aircraft carrier USS John C. Stennis in Newport News, Va., Sept. 30, 2021.
Photo By: Navy Petty Officer 2nd Class Thomas Pittman
VIRIN: 210930-N-IK880-1011

However, the NSA must rely on industry partners to mitigate cybersecurity threats, she said. 

"You are experts in your networks. We understand what foreign actors are doing, and when we work together, we can understand more rapidly what's happening and address the issue," she said. 

The NSA, in partnership with the FBI, has set up a collaboration channel to get out as much information before an incident occurs, she said. More information can be found at https://www.nsa.gov/About/Cybersecurity-Collaboration-Center/.

Krystal Covey, director of DOD's Defense Industrial Base Collaborative Information Sharing Environment, said the Defense Cybercrime Center hosts cybersecurity conferences and performs malware analysis, publishes cyber threat analyses, and shares actionable cybersecurity incidents. 

Covey said that although only cleared defense contractors are covered by Code of Federal Regulations, Title 32, Part 236, there is work within the department to incorporate other companies into this program. 

For More Information 

DOD Focused on Protecting the Defense Industrial Base From Cyber Threats 

Link to Town Hall video on DVIDS 

Link to  DOD CIO slides on DOD CIO library