New Guidelines Could Help Secure America’s Defense Technology

Last week, the Pentagon released
new guidelines on cybersecurity that it hopes will represent a big step forward
for protecting American national security if implemented right.  

Designed to improve the cybersecurity of Department of
Defense contractors, the Cybersecurity Maturity Model Certification should strengthen
cybersecurity practices throughout the supply chain, which would lead to more hardened
defenses and fewer weak links that can be exploited by adversaries.

Malicious cyber activity cost the America economy $57
billion to $109
billion in 2016, and the threat
continues to rise.  

America’s key adversaries—China, Russia, Iran, and North Korea—all have cyber forces and affiliated hackers that target U.S. networks for a variety of reasons, most prominently to steal intellectual property.  

The Chinese are perhaps the largest culprits. Secretary of Defense Mark Esper has called Chinese 5G networks “the greatest intellectual property theft in human history.”

This new guidance will reduce these risks by requiring companies to meet certain cybersecurity requirements to do business with the Pentagon. The Cyber Maturity Model Certification is a set of guidelines that companies will have to meet, with varying levels of sophistication depending on the security of a given project.

The levels range from basic cyber hygiene and security protocols at Level 1, up to advanced cybersecurity measures able to withstand attempts by advanced hackers and advanced persistent threats at Level 5.

The required levels will begin appearing in Requests for
Information for defense projects around June 2020, and ultimately will extend
to all companies that do business with the Department of Defense.

Kate Arrington, who serves as the chief information security
officer for the Office of the Under Secretary of Defense for Acquisition, said
the first certifications almost certainly won’t be issued until 2021 but that
all companies will be expected to have achieved certification by 2026.  

Improving the cybersecurity of these companies is vital
given the threats they face from foreign hackers looking to steal or compromise
defense technology.

The theft or compromise of sensitive defense technology is even more dangerous in the defense sphere when viewed in the context of America’s growing competition with China.

The Heritage Foundation’s Index of U.S. Military Strength details the increasing Chinese military threat, which continues to grow rapidly with the help of the secrets it has stolen.

Improving the cybersecurity in the defense supply chain is a national security priority, and this should prove an effective tool for that mission.