The Pentagon will step up cybersecurity training for small defense contractors

The Department of Defense will help small defense contractors protect their networks from increasingly threatening cyber actors who are stealing trade secrets and waging economic espionage.

The Pentagon will step up its efforts after a Government Accountability Office (GAO) report criticized it for failing to offer these smaller companies adequate support.

The entire U.S. defense-contractor field faces a rising tide of cyberattacks, but small businesses in particular lack the resources to defend themselves. Major contractors like Boeing and Lockheed Martin have larger cybersecurity budgets and can hire more researchers and engineers to bolster their defenses.

In the face of the sustained theft and espionage campaigns against its corporate partners, the Pentagon will begin hosting training events and education programs for employees of the smaller companies. The new policy aligns with the Defense Department’s goal, outlined in its 2015 Cyber Strategy, of stepping up its partnership with the private sector to defend American networks.

Small defense companies accounted for $55.5 billion in Pentagon contracts in 2014, about 12 percent of the military’s total budget.

The Pentagon acknowledged the GAO report’s findings and pledged a new approach to cybersecurity for small military contractors.

“Future outreach by the [Department of Defense Office of Small Business Programs] will increase awareness of cybersecurity education for its stakeholders,” OSBP director Kenyata Wesley wrote in response to the report. “The DoD OSBP will also increase awareness of the cybersecurity education resources among the DoD Small Business workforce through training events, education programs and by issuing guidance to the Military Departments and Defense Agencies.”

The most pressing cyber threats identified in the report included botnets, independent criminals, hacktivists, insider threats (namely rogue employees), terrorist groups, and nation-states.

Foreign governments pose the most significant threats. While China and Russia operate some of the most sophisticated cyberwarfare programs in the world, according to Director of National Intelligence James Clapper, Iran and North Korea are less sophisticated but “if they choose, can do great harm.”

Photo via DVIDSHUB/Flickr (CC BY 2.0) 

Patrick Howell O'Neill

Patrick Howell O'Neill

Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.