DOD's market power

The Defense Department's latest effort to strengthen the security of its information systems and networks is largely an economic gambit — and one that will succeed or fail based on the department's ability to follow through on the initial premise.

Beginning July 1, many key commercial software products — including Web browsers, operating systems and databases — must be certified as secure using an international standard known as Common Criteria. If a product fails, it's off-limits to DOD buyers.

DOD is sending a message to two audiences. Ostensibly, the policy is intended to ensure that, on a case-by-case basis, Defense organizations do not buy commercial products that come with security gaps that hackers might exploit.

But the department also is attempting to exercise its considerable buying powers to influence the information technology market. By threatening to ban products that have not been certified, DOD officials are hoping to spur development of more secure software.

Its influence, though not what it was before the last IT market boom, is still significant. Microsoft Corp., among other vendors, has made changes to its core software products to accommodate DOD requirements. Vendors often would rather invest money in making changes than lose millions of dollars of potential business.

But that approach does not guarantee success. For many years, DOD required vendors to have their software certified under the Trusted Computer System Evaluation Criteria. Many vendors, though, were granted waivers, and those who actually invested the time and money to have their products certified found little interest from their customers.

In playing the economic card this time around, the department needs to convince both buyers and sellers that it intends to enforce the policy. If enforcement were lax and loopholes plentiful, contracting officers would quickly resort to old habits. If that happens, and vendors do not see sufficient returns on their investments, they will not play along.

DOD's clout is only as good as its will is strong.


We welcome your comments. To send a letter to the editor, use this form.

Please check out the archive of Letters to the Editor for fellow readers' comments.


  • Budget
    Stock photo ID: 134176955 By Richard Cavalleri

    House passes stopgap spending bill

    The current appropriations bills are set to expire on Oct. 1; the bill now goes to the Senate where it is expected to pass.

  • Defense
    concept image of radio communication (DARPA)

    What to look for in DOD's coming spectrum strategy

    Interoperability, integration and JADC2 are likely to figure into an updated electromagnetic spectrum strategy expected soon from the Department of Defense.

Stay Connected