G2TT
来源类型Report
规范类型报告
DOIhttps://doi.org/10.7249/RR4227
来源IDRR-4227-RC
Unclassified and Secure: A Defense Industrial Base Cyber Protection Program for Unclassified Defense Networks
Daniel Gonzales; Sarah Harting; Mary Kate Adgie; Julia Brackup; Lindsey Polley; Karlyn D. Stanley
发表日期2020-03-30
出版年2020
语种英语
结论

DoD's current approach to defending DIB firms against cyber attacks is inadequate

  • The cybersecurity architectures of small DIB firms are likely to be deficient in several key areas: user authentication, network defenses, vulnerability scanning, software patching, and security information and event management, or cyber attack response.
  • Current DoD cybersecurity requirements are unaffordable for many small and some medium-sized DIB firms.
  • DoD's voluntary cyber threat sharing service is not available to many DIB firms.
  • New cybersecurity tools can significantly strengthen the cyber defenses of DIB firms, but most small DIB firms cannot afford them.
摘要

The defense industrial base (DIB) is under attack. Foreign actors are stealing large amounts of sensitive data, trade secrets, and intellectual property every day from DIB firms — contributing to the erosion of the DIB and potentially harming U.S. military capabilities and future U.S. military operations. The U.S. Department of Defense (DoD) has taken steps to better secure systems against cyber threats, but most protections in place focus on classified networks, while unclassified networks have become an attractive entrance for adversaries seeking access to cutting-edge technologies and research and development efforts. To address this problem, DoD has increased regulations and introduced new security controls, but the current approach may be insufficient.

,

This report offers DoD a way ahead to better secure unclassified networks housing defense information — through the establishment and implementation of a cybersecurity program designed to strengthen the protections of these networks. The program offers a means for DoD to better monitor the real-time health of the DIB and ensure that protections are in place to prevent the disclosure of sensitive corporate information from DIB firms or sensitive supply chain information across the DIB. The program also includes a means to offer qualified small DIB firms access to cybersecurity tools for use on unclassified networks, for free or at a discounted rate, to ensure that affordable protections are accessible to all DIB firms. Advanced persistent threats and sophisticated cyber attacks will not stop, but this program can help build stronger defenses, develop more-coordinated responses, and help maintain the technological superiority of U.S. military forces.

目录
  • Chapter One

    Introduction

  • Chapter Two

    Defining the Defense Industrial Base

  • Chapter Three

    Current Defense Industrial Base Protections

  • Chapter Four

    Current Cost and State of Cybersecurity

  • Chapter Five

    Cybersecurity Tools

  • Chapter Six

    Alternative Defense Industrial Base Cybersecurity Protection Frameworks

  • Chapter Seven

    Conclusions

  • Appendix A

    Detailed Network Diagrams for Cyber Protection Framework

  • Appendix B

    Cybersecurity Tools from Select Cybersecurity Firms

  • Appendix C

    Data Loss Prevention Tools

主题Cybersecurity ; Defense Infrastructure ; Electronic Warfare ; Military Information Technology Systems ; Supply Chain Management
URLhttps://www.rand.org/pubs/research_reports/RR4227.html
来源智库RAND Corporation (United States)
引用统计
资源类型智库出版物
条目标识符http://119.78.100.153/handle/2XGU8XDN/524042
推荐引用方式
GB/T 7714
Daniel Gonzales,Sarah Harting,Mary Kate Adgie,et al. Unclassified and Secure: A Defense Industrial Base Cyber Protection Program for Unclassified Defense Networks. 2020.
条目包含的文件
文件名称/大小 资源类型 版本类型 开放类型 使用许可
RAND_RR4227.pdf(1763KB)智库出版物 限制开放CC BY-NC-SA浏览
x1585760330691.jpg.p(3KB)智库出版物 限制开放CC BY-NC-SA浏览
个性服务
推荐该条目
保存到收藏夹
导出为Endnote文件
谷歌学术
谷歌学术中相似的文章
[Daniel Gonzales]的文章
[Sarah Harting]的文章
[Mary Kate Adgie]的文章
百度学术
百度学术中相似的文章
[Daniel Gonzales]的文章
[Sarah Harting]的文章
[Mary Kate Adgie]的文章
必应学术
必应学术中相似的文章
[Daniel Gonzales]的文章
[Sarah Harting]的文章
[Mary Kate Adgie]的文章
相关权益政策
暂无数据
收藏/分享
文件名: RAND_RR4227.pdf
格式: Adobe PDF
文件名: x1585760330691.jpg.pagespeed.ic.vqo75_gM9M.jpg
格式: JPEG

除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。