The U.S. Department of Defense recently issued its 2024 Defense Industrial Base (“DIB”) Cybersecurity Strategy. The purpose is to provide actionable items that both the DoD and defense contractors can use. In implementing the cybersecurity strategy, the DoD hopes to: strengthen the DoD governance structure for DIB cybersecurity; enhance the cybersecurity posture of the DIB; preserve the resiliency of critical DIB capabilities in a cyber-contested environment; and improve cybersecurity collaboration with the DIB.
As part of the cybersecurity strategy, the DoD identified specific services and support for all members of the DIB, including defense contractors.
Defense contractors will have access to free:
- (1) network traffic monitoring and threat detection through the DoD-DIB Collaborative Information Sharing Environment and Protective Domain Name System; (2) evaluation of an organization’s cybersecurity program by DCSI or through self-assessment (Cyber Resilience Analysis), all provided through the Department of Defense Cyber Crime Center.
- (3) evaluation of an organization’s vulnerability to threats through network mapping, vulnerability scanning, and phishing assessments (Adversary Emulation); (4) find and fix issues relating to internet-facing assets (Attack Surface Management), both provided through the National Security Agency Cybersecurity Collaboration Center.
- (5) help sessions and webinars, which are also publicly accessible, are available here through the Department of the Navy’ Blue Cyber Initiative.
Defense contractors will be given access to free and paid cybersecurity services, including information, resources, tools, and training through Project Spectrum, a cybersecurity strategic partnership between various government programs.
Given the continued development of the DoD’s cybersecurity framework through the Cybersecurity Maturity Model Certification 2.0 and the rise in cyber-attacks on private contractors, defense contractors may consider accessing these free resources to develop greater resistance to cyber threats.
This article summarizes aspects of the law and does not constitute legal advice. For legal advice for your situation, you should contact an attorney.
Sign up