An official website of the United States Government 
Here's how you know

Official websites use .gov

.gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS

A lock ( lock ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

DOD Releases Strategy to Bolster Cybersecurity Across Industrial Base

The Pentagon today released its first strategy aimed at enhancing cybersecurity across defense industry stakeholders.

The Defense Industrial Base Cybersecurity Strategy plots a course for increased focus and collaboration between the Defense Department and the U.S. defense industrial base on cybersecurity initiatives amid what officials say are persistent cyberthreats.

"Our adversaries understand the strategic value of targeting the DIB," said David McKeown, DOD's deputy chief information officer for cybersecurity. "Private sector DIB contractors are at risk for malicious cyber activities by adversaries and nonstate actors alike," he said. "Working in conjunction with the DIB, we can better ensure the safety of critical information and unauthorized disclosure of that information."

A man and woman wearing civilian attire sit at a table.
Media Roundtable
Defense Department Senior Information Security Officer, and Deputy Chief Information Officer for Cybersecurity David McKeown and Chief Defense Industrial Base Cybersecurity, Office of the DOD Chief Information Officer Stacy Bostjanick conduct a Defense Industrial Base Cybersecurity Strategy media roundtable at the Pentagon, March 28, 2024.
Photo By: Navy Petty Officer 1st Class Alexander Kubitza
VIRIN: 240328-D-PM193-1286

McKeown, who also serves as DOD's senior information security officer, was joined by Stacy Bostjanick, DOD's chief of defense industrial base cybersecurity, in unveiling the strategy at the Pentagon. 

"We need to get on top of this extremely complex challenge," Bostjanick said. "This is a well contemplated, multifaceted, agile and nuanced response to the constant and evolving challenge [of] securing the DIB against malicious cyber activity."

The strategy lays out DOD's vision over the next three years for a secure, resilient and technologically superior U.S. defense industrial base to ensure the United States' warfighting edge.  

It outlines four goals aligned with that vision: 

Strengthening DOD's governance structure for U.S. defense industrial base cybersecurity;
Enhancing the cybersecurity posture of the U.S. defense industrial base;
Preserving the resiliency of critical defense industrial base capabilities in a cyber-contested environment; and
Improving cybersecurity collaboration between DOD and the U.S. defense industrial base.

Central to the goal of strengthening DOD's cybersecurity governance structure are efforts to bolster interagency collaboration and develop regulations that will further govern the cybersecurity responsibilities of contractors and subcontractors.

In terms of enhancing the DIB's cybersecurity posture, the strategy outlines steps to evaluate compliance with departmental cybersecurity requirements and evaluate the effectiveness of regulations and requirements. It also outlines steps to improve cyber-related threat and intelligence information with industry partners, identify vulnerabilities and recover from malicious cyber activity.

The strategy also directs the department to prioritize cyber resiliency among critical defense production capabilities and establish policies that reflect a focus on cybersecurity for key suppliers. 

That focus aligns with broader department guidance, including the 2022 National Defense Strategy and the 2023 National Cybersecurity Strategy.  

The newly released document also responds to a requirement to develop a comprehensive plan to ensure the reliability and integrity of production nodes for critical weapons systems outlined in the 2023 strategy.

A man operates a computerized manufacturing machine.
Machine Shop
A machinist monitors a computerized lathe in the manufacturing machine shop at Fleet Readiness Center East in Cherry Point, N.C., Jan. 3, 2024.
Photo By: Heather Wilburn, DOD
VIRIN: 240103-N-AC707-1002N

The cybersecurity strategy also marks a continuation of the department's efforts to ensure the defense industrial base meets the demands of a challenging national security landscape.  

Earlier this year, the Pentagon released the National Defense Industrial Strategy, which lays out long-term priorities that will guide DOD's actions to create a modern, resilient defense industrial ecosystem designed to deter U.S. adversaries and meet the production demands posed by evolving threats.   

The NDIS focuses on four key areas critical to building a modernized defense industrial ecosystem over the next three to five years. Those areas are resilient supply chains, workforce readiness, flexible acquisition and economic deterrence. 

The newly released cybersecurity strategy further builds upon that collaboration between DOD and its industry partners.  

"We have identified opportunities to bolster [the] cybersecurity of our DIB partners, which will improve our overall cybersecurity of the U.S.," said Deputy Defense Secretary Kathleen Hicks in a statement accompanying the release of the strategy. "As our adversaries continuously seek information about U.S. capabilities, the department, in coordination with the DIB, must remain resilient against these attacks and succeed through teamwork to defend the nation."

Related Stories