CYBER SUPPLY CHAIN SECURITY: CAN THE BACKDOOR BE CLOSED WITH TRUSTED DESIGN, MANUFACTURING AND SUPPLY

Abstract

There are significant cybersecurity challenges confronting the Department of Defense (DoD) and other U.S. departments and agencies due to their reliance on globalized information technology (IT) marketplace with insufficient security measures in place for a cyber supply chain providing vital IT products destined for mission critical systems. An unsecured globalized cyber supply chain provides amply opportunity for malicious actors to compromise, corrupt, and introduce counterfeit cyber components destined for critical government systems designed to protect and defend U.S. national security. The literature describes a cyber marketplace and supply chain driven by costs, which has created numerous vulnerabilities. It also identifies U.S. directives, policies, and techniques that have done little in securing the cyber supply chain. This paper utilizes a problem/solution framework and focuses on some prevalent cyber supply chain security issues a globalized IT marketplace has with counterfeit parts, malicious state and non-state actors and that can potentially build in backdoors that threaten cybersecurity for all. Solutions to this complex problem will focus on mitigation efforts the DoD and other U.S. departments and agencies can take by adding required education and training, evaluating procurement decisions, enhancing testing procedures, and by building partnerships in order to work trust and integrity back in its cyber supply chain.

Document Details

Document Type

Technical Report

Publication Date

Aug 01, 2016

Accession Number

AD1040724

Entities

Tags