Cybersecurity

DOD IG audit cites five programs for updating cyber requirements

threat detection 

The Defense Department inspector general praised five military weapons program offices that have successfully been updating cybersecurity requirements necessary to protect their systems against identified threats, according to a new report.

The Feb. 10 report, which does not explain what prompted the audit, examines the cybersecurity practices of one Army program, one from U.S. Special Operations Command, two Navy and two Air Force programs. All five programs are considered to be in the final stages of their acquisition lifecycle in which the technology has been proven and requires sustainment until it is retired.

The cybersecurity threat to the Pentagon's weapon systems is exacerbated by the age of its programs, which were designed years and even decades before modern cyber capabilities were developed.

The Air Force's B-2 Spirit Bomber, which was one of the programs the IG reviewed, was created and introduced into military service in the 1980s and 1990s. It has been in the final stage of its acquisition lifecycle -- operations and sustainment -- for 16 years.

"Because the O&S phase of the acquisition life cycle may last for years, DOD Components must continue to emphasize the protection of weapon systems by mitigating cyber threats throughout the O&S phase," the IG report said.

Government watchdogs in recent years have warned the military that its weapon systems face the same kinds of cybersecurity threats associated with internal business systems.

The Government Accountability Office in 2018 not only told the Pentagon about these threats but demonstrated them.

"Using relatively simple tools and techniques, testers were able to take control of systems and largely operate undetected, due in part to basic issues such as poor password management and unencrypted communications," GAO auditors stated in the report.

About the Author

Justin Katz covers cybersecurity for FCW. Previously he covered the Navy and Marine Corps for Inside Defense, focusing on weapons, vehicle acquisition and congressional oversight of the Pentagon. Prior to reporting for Inside Defense, Katz covered community news in the Baltimore and Washington D.C. areas. Connect with him on Twitter at @JustinSKatz.


Featured

  • Comment
    customer experience (garagestock/Shutterstock.com)

    Leveraging the TMF to improve customer experience

    Focusing on customer experience as part of the Technology Modernization Fund investment strategy will enable agencies to improve service and build trust in government.

  • FCW Perspectives
    zero trust network

    Why zero trust is having a moment

    Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

Stay Connected