Military Must Move Out to Implement Zero Trust
The Cyber Edge
October 1, 2021
By Col. Dean Hullings, USAF (Ret.)
Don’t start from scratch on cybersecurity strategy.
With no end in sight to the ever-increasing cybersecurity challenges, the federal government must move quickly and deliberately to adopt an architecture to protect against all outside threats. This means building on existing strengths and bolstering cybersecurity strategies.
In March, the U.S. Government Accountability Office (GAO) published a report on the precarious state of security for military weapons systems. Previously, in 2018, the GAO raised concerns about the U.S. Defense Department facing “mounting challenges in protecting its weapon systems from increasingly sophisticated cyber threats” due to “the computerized nature of weapon systems; DoD’s late start in prioritizing weapon systems cybersecurity; and DoD’s nascent understanding of how to develop more secure weapon systems.”
The more recent report indicates that the Defense Department has made some progress since 2018 to make its network of high-tech weapon systems less vulnerable by using such methods as enhanced testing. However, it also reveals that agencies are not universally writing cybersecurity standards into contract language. Among the four military services reviewed, only the Air Force has issued service-wide guidance on how acquisition programs should define cybersecurity requirements and how to include those in contracts. Some contracts reviewed had no such conditions when they were awarded, according to the GAO.
https://www.afcea.org/content/military-must-move-out-implement-zero-trust
