Some of the biggest threats facing the United States government are found lurking online. The Department of Defense (DoD) is pivoting its focus to information technology security and critical data protection after successful hacking campaigns from China, Russia, and other countries in recent years. Cybersecurity risk management will be a top priority as the DoD readjusts as a global military leader in the digital business age.
According to a report from The National Defense Industrial Association, the defense industry was plagued with security weaknesses in 2020. In the annual Vital Signs report, the NDIA and data company Govini assessed defense contractors as unprepared for the challenges brought on by COVID, and awarded a grade of C for the industry’s lackluster 2020.
It’s clear that employing a universal, secure, and online-driven business model would be in the mutual interest of defense contractors and the DoD alike. “Cybersecurity must move beyond perimeter defense to ensure the internal environment is protected as well. There’ll be more partnership, both partnership amongst industrial players, as well as partnership between governments to evolve technologies more rapidly,” said Northrop Grumman Chief Executive Officer and President Kathy Warden.
The largest effort put forth by the defense industrial base in fine-tuning online security protocols is the Cybersecurity Maturity Model Certification (CMMC). This model fundamentally changes the process of how over 3,000 contractors will be allowed to work with and supply products for the DoD. A 15-person Accreditation Board, comprised of volunteers from the defense and cybersecurity industries, oversees the accreditation of thousands of certifiers and third-party assessment organizations who vet contractors by running advanced cybersecurity tests.
Although the work is technically implemented in the private sector, the DoD conceived of the actual model. And in addition to strengthening sensitive government data systems against cyberattacks, CMMC doesn’t change costs drastically, with most contractors in the industry needing only a level 1 (out of five) certification at an estimate of $3,000 every three years.
Joint All-Domain Command and Control is an initiative from the DoD targeted at rejuvenating the military’s command and control infrastructure with managed IT solutions and cooperative networks of sensors and databases. Some of JADC2’s flagship programs are the Army’s Project Convergence and the Air Force's Advanced Battle Management System.
The Air Force has also contracted Kinetica to facilitate a data warehousing program capable of uniting physically independent systems to create heightened situational awareness for operators. This powerful, comprehensive military database is housed on Amazon Web Services’ GovCloud with tech from NVIDIA and Intel. The Defense Information Systems Agency currently provides joint regional security stacks for key military services as part of a modernization plan to upgrade bandwidth with multiprotocol label switching for the Defense Information Systems Network.
As innovations drive military operations online, the DoD is positioned well to perfect CMMC and prevent further high-level security breaches. Booming business for domestic and foreign contractors, and a hopefully data breach-free new executive administration will shine a bright light for the U.S. on the world security stage.