Last month, the GovCyberHub sat down with Parham Eftekhari, the Executive Director of the Institute for Critical Infrastructure Technology (ICIT), to talk about the key trends and topics of discussion at the organization’s 2019 Fall Briefing. During that discussion, Mr. Eftekhari talked about the need for more leadership in federal cybersecurity and also discussed some of the unique cybersecurity challenges that the U.S. Department of Defense (DoD) faces as a result of its large ecosystem of vendors and contractors.
“If you look at the sheer volume of the acquisitions that the DoD does every year from a software and hardware and equipment perspective, securing that supply chain is something that is going to be a multi-decade effort,” Mr. Eftekhari said. “This is not something that’s going to happen in one administration, and that’s something people need to acknowledge and not get frustrated with. This is a marathon, even multiple marathons.”
But it’s not just the scope and size of the DoD vendor and contractor ecosystem that causes cybersecurity challenges. Cybersecurity vulnerabilities also result from the sophistication of some of the smaller contractors that the DoD works with – a problem that is compounded when larger contractors work with smaller subcontractors further down the supply chain.
ICIT recently conducted an insightful interview with Ernie Magnotti, the CISO at defense contractor, Leonardo DRS. During the interview, Mr. Magnotti laid out some of the reasons why smaller government contractors may struggle to meet DoD cybersecurity standards and how new regulations could make the DoD even less secure.
To continue reading,please fill out the form below.