Unclassified and Secure: A Defense Industrial Base Cyber Protection Program for Unclassified Defense Networks
Abstract
The defense industrial base (DIB) is under attack. Foreign actors are stealing large amounts of sensitive data, trade secrets, and intellectual property every day from DIB firmscontributing to the erosion of the DIB and potentially harming U.S. military capabilities and future U.S. military operations. In 2018, the U.S. Secretary of the Navy noted, attacks on our networks are not new, but attempts to steal critical information are increasing in both severity and sophistication. The U.S. Department of Defense (DoD) has taken steps to better secure systems against cyber threats, but most well-established protections in place focus on classified networks, while unclassified networks have become an attractive backdoor entrance for adversaries seeking access to cutting-edge technologies and research and development efforts. DoD simply lacks a comprehensive strategy for protecting the unclassified networks of DIB firms. To address this problem, DoD has increased regulations and introduced new security controls, but the current approach may be insufficientDIB firms cannot keep up. Cybersecurity is necessary but also expensivea suite of cybersecurity tools requires expertise to use, and the required combination of tools and skilled professionals may not be affordable for many DIB firms. Furthermore, the regulatory environment is complex and challenging to navigate, even for large firms with robust cybersecurity teams.
Document Details
- Document Type
- Technical Report
- Publication Date
- Jan 01, 2020
- Accession Number
- AD1097634
Entities
People
- Daniel L Gonzales
- Julia Brackup
- Karlyn D. Stanley
- Lindsey Polley
- Mary K. Adgie
- Sarah Harting
Organizations
- RAND Corporation