The U.S. Department of Defense rolled out its plan to shield suppliers from digital sabotage amid growing concern about cyberattacks on critical infrastructure.

The Pentagon on March 28 made public its 2024 Defense Industrial Base Cybersecurity Strategy, proffering four goals and many more objectives. Among them are widespread adoption of cybersecurity best practices, preservation of supply chains critical to military manufacturing, and improved communication between public and private sectors.

“Our adversaries understand the strategic value of targeting the defense industrial base,” David McKeown, the deputy chief information officer for cybersecurity, told reporters at the Pentagon. “We have, departmentally, started paying a lot more attention to it and engaging with the companies.″

The Defense Department’s pool of contractors and related resources is under constant threat of online harassment and foreign influence. Both Russia and China are known to prod U.S. companies for their closely held designs.

The National Security Agency, FBI and other federal entities in October 2022 said hackers managed to inflitrate a company, sustain “persistent, long-term” access to its network and abscond with sensitive information. The victim went unnamed. Years prior, Chinese-sponsored cyberattacks breached a Navy contractor’s computers, jeopardizing info tied to work on an anti-ship missile, Defense News reported.

Pentagon suppliers are considered critical infrastructure alongside water, food and energy facilities, health-care firms, and transportation systems. Attacks occur often, and attackers can dogpile on flaws that go ignored, according to McKeown.

“In this day and age, especially in the United States of America, everybody should believe the power of the hacker,” he said. “It’s been proven out numerous times.”

The cybersecurity strategy nests with the Defense Department’s higher-profile guidance: the 2022 National Defense Strategy, the 2023 National Cybersecurity Strategy and this year’s National Defense Industrial Strategy.

Publication comes weeks after the department introduced its fiscal 2025 budget blueprint, which included $14.5 billion for cyber activities. The figure is about $1 billion more than the Biden administration’s previous ask. It’s also up from FY23, when it sought $11.2 billion.

Colin Demarest was a reporter at C4ISRNET, where he covered military networks, cyber and IT. Colin had previously covered the Department of Energy and its National Nuclear Security Administration — namely Cold War cleanup and nuclear weapons development — for a daily newspaper in South Carolina. Colin is also an award-winning photographer.

Share:
More In Cyber