https://www.infosecnews.org/unclassified-and-secure/
By William Knowles @c4i
Senior Editor
InfoSec News
April 12, 2020
A new report from the RAND Corporation, by Daniel Gonzales, Sarah Harting, Mary
Kate Adgie, Julia Brackup, Lindsey Polley, and Karlyn D. Stanley
The defense industrial base (DIB) is under attack. Foreign actors are stealing
large amounts of sensitive data, trade secrets, and intellectual property every
day from DIB firms — contributing to the erosion of the DIB and potentially
harming U.S. military capabilities and future U.S. military operations. The
U.S. Department of Defense (DoD) has taken steps to better secure systems
against cyber threats, but most protections in place focus on classified
networks, while unclassified networks have become an attractive entrance for
adversaries seeking access to cutting-edge technologies and research and
development efforts. To address this problem, DoD has increased regulations and
introduced new security controls, but the current approach may be insufficient.
This report offers DoD a way ahead to better secure unclassified networks
housing defense information — through the establishment and implementation of a
cybersecurity program designed to strengthen the protections of these networks.
The program offers a means for DoD to better monitor the real-time health of
the DIB and ensure that protections are in place to prevent the disclosure of
sensitive corporate information from DIB firms or sensitive supply chain
information across the DIB. The program also includes a means to offer
qualified small DIB firms access to cybersecurity tools for use on unclassified
networks, for free or at a discounted rate, to ensure that affordable
protections are accessible to all DIB firms. Advanced persistent threats and
sophisticated cyber attacks will not stop, but this program can help build
stronger defenses, develop more-coordinated responses, and help maintain the
technological superiority of U.S. military forces.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
