Enable breadcrumbs token at /includes/pageheader.html.twig

Securing the Defense Industrial Base

Cybersecurity is at the forefront of protecting the nation and its warfighters. Modern capabilities such as cloud and zero trust help achieve that mission.

The defense industrial base supports and protects national security through partnerships with government agencies, military, academic, nonprofits and allied partners. Credit: Bill Chizek/Shutterstock

As the threat landscape evolves, the need for investments to strengthen cyber postures and secure critical infrastructure—and support the defense industrial base (DIB)—is paramount.

As a network of government, commercial and academic institutions, the DIB provides the Department of Defense (DoD) with materials and services necessary to protect national defense.

“We are going to continue to face threats not only from cyber criminals but threats from foreign powers such as China, Iran, Russia and North Korea,” a Cybersecurity and Infrastructure Security Agency (CISA) spokesperson told SIGNAL Media. As America’s cyber defense agency and the national coordinator for critical infrastructure security, CISA works closely with the DoD, which is the designated Sector Risk Management Agency.

In accordance with the FY 2021 National Defense Authorization Act, CISA will be releasing a new DIB sector-specific plan soon, the spokesperson shared. No other industry focuses on cybersecurity as acutely as the DIB, says Jabari Gordon, defense industrial base account director at Lumen Technologies.

Having previously worked at Microsoft, Gordon’s experience with the DIB dates back more than eight years. “When I started out in technology sales,” he told SIGNAL Media, “most of the defense industrial base companies were averse to cloud technologies. It was a new frontier.” Today, cloud capabilities are recognized as necessary to carry out mission objectives efficiently and effectively.

Additionally, zero trust is at the forefront of national security discussions among DIB decision-makers, Gordon added. “Fortifying your network so that every identity that touches the network is valid.”

More importantly, zero-trust networks prevent the leakage of sensitive information. “Either folks with malicious intent or folks that don’t have malicious intent that make simple mistakes, the DIB adopting zero-trust methodologies has taken precedence over a lot of the other initiatives that we’ve seen over the past couple of years.”

The Cybersecurity Maturity Model Certification (CMMC) program, which is now in its second iteration, streamlines requirements to three levels of cybersecurity and aligns each with the National Institute of Standards and Technology cybersecurity standards.

Launched in September 2020, the CMMC program outlined the basic features of a cybersecurity framework. Officials made changes to the program following further assessment by cybersecurity and acquisition leaders within the DoD to refine policy and implementation.

The CMMC 2.0 program was announced in November 2021 to “reinforce the importance of DIB cybersecurity for safeguarding the information that supports and enables our warfighters.” The program includes three key features: a tiered model; assessment requirements; and implementation through contracts. However, varying interpretations of security and compliance requirements remain one of the key challenges for commercial companies looking to work with governing bodies such as the DIB. “When there’s fuzziness around those interpretations, it can add to the amount of time it takes to implement those services,” Gordon said.

“Leaders across the DIB are looking for solutions built into the platforms versus looking for add-ons,” he added.

Founded in 1930 as a telecommunications company, Lumen Technologies has worked with the DIB for years, as contracts prove, most recently winning a $1.5 billion contract from the Defense Information Systems Agency to “provide essential network transport and communications services in the U.S. Indo-Pacific Command Area of Responsibility,” according to a press release.

“We also have what’s called our Innovation Lab, where we invest in R&D to bring new solutions to bear,” Gordon offered. Modern technologies such as artificial intelligence and machine learning will be focused on defense manufacturing to further protect national security interests.

Critical infrastructure and national security are centered around cybersecurity. The defense industrial base cannot remain secure without cybersecurity policies and guidelines. Photo by Senior Airman Anthony Nin Leclerec, Joint Base Langley-Eustis, 2020

The need for an industrial complex was proven necessary following World War II. Pictured are Army soldiers of Battery B, 687th Field Artillery Battalion, preparing to fire a 240 mm Howitzer into German-held territory near Mignano, Italy, January 1944. Photo by Katie Lange, National Archives

At the National Security Agency, the Cybersecurity Collaboration Center, also known as the CCC, works to educate and train for a cyber-safe community. By working with industry and international partners, the CCC hardens and secures the DIB by pinpointing cyber threats and creating guidance among emerging activities and technologies.

Additionally, the National Security Agency offers companies free cybersecurity services that have contracts with the DoD or access nonpublic DoD information. Those include the Protective Domain Name System, which blocks users from connecting to malicious domains; Attack Surface Management to detect and resolve issues before they become risks; and Threat Intelligence Collaboration, which has exposed active exploitation attempts. Of note, all services are compliant with CMMC and National Institute of Standards and Technology guidelines.

Proving its success, CCC has helped block over 1 billion malicious activities, identified over a million network vulnerabilities and found over 202,000 vulnerable IP partners.

“When the pace of development is high, security can often be a secondary consideration,” a CISA representative stated. For example, President Biden’s recent executive order 141100 to promote a safe development and use of artificial intelligence is being assessed and implemented by CISA, according to the source.

The defense industrial base has significantly evolved since its unavoidable spark following World War II. The Cold War—along with North Korea’s invasion of South Korea in 1950—triggered an increase in spending for national security and defense. Since then, the DIB has been “a source of long-term strategic advantage for the United States, just as it was during World War II,” according to a study by Barry Watts for the Center for Strategic and Budgetary Assessments.

While in the 1950s the DIB existed for tanks and airplanes, today’s landscape involves cybersecurity and the protection of U.S. infrastructure.

However, one most important element and goal for all industry partners and decision-makers across the DIB remains the same: ensure that warfighters come home at the end of their mission.