https://www.defenseone.com/threats/2019/12/small-contractors-struggle-meet-new-cyber-security-standards-pentagon-finds/161625/
By Marcus Weisgerber
Defense One
December 2, 2019
Even large companies aren’t doing as well as they think they are, the
assistant acquisition chief said Monday.
Small companies are struggling to meet the Pentagon’s newish network
security rules, and even larger contractors aren’t doing as well as they
think they are, a recent department study has found.
“For the most part, the big companies do very well,” Kevin Fahey,
assistant defense secretary for acquisition, told reporters at the
Pentagon on Monday. “But in no case do they meet everything that they
thought they met.”
For one thing, big companies tend to give their smaller subcontractors a
lot of data they don’t need, which then becomes vulnerable to foreign
hackers.
“The biggest part of our training and the problem is that our adversaries
don’t try to come in through the big companies, they come in through the
fifth-, sixth-tier,” Fahey said. “If you’re flowing down information they
don’t need, then that’s bad. That’s where we’re seeing our biggest
problem.”
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
