Cyber Insecurity: When Contractors Are Weak Link - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Government // Cybersecurity
Commentary
11/20/2013
09:04 AM
Richard A. Russell
Richard A. Russell
Commentary
100%
0%

Cyber Insecurity: When Contractors Are Weak Link

Government and defense contractors play a crucial role in protecting sensitive information. But the evidence suggests they are losing the battle.

The time may have come to hold the contractor companies accountable for inadequate safeguards and lack of security measures which will protect critical program information, sensitive information, and even classified information.

But of even greater concern for our community is its continued reliance on current methods and processes for protecting networks, enterprises, and information.  What is needed is a quantum leap to new and innovative approaches that will change the systems, environments, and networks to make them capable of recognizing malware, intrusion attempts, infected software copies, and other common tools of the cyber-attacker's tradecraft. 

With real innovation and a drive from senior leaders to find and test new solutions, rather than permutations of the same old solutions, the government could get ahead of our adversaries and create the time gap necessary to allow for even more innovation and structural shifts that could frustrate adversaries and provide our country with a competitive advantage in the future.

Our economic well-being and our ability to dominate the battle space of tomorrow hinge on this effort. It is imperative for companies to protect their internal networks and systems, to sequester government information more effectively, and to redouble efforts related to insider threats.  If we do not fix this, we could find ourselves overpowered economically and militarily in the future.

 

 

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Previous
2 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
WKash
50%
50%
WKash,
User Rank: Author
11/21/2013 | 11:22:21 AM
Re: Holding contractors accountable
The Snowden incident is one dimension of the problem. Yes, agencies can increase measures to guard against the theft / loss of information. The NSA, for instance, is now requiring that two individuals be present during the transfer of any classified information.  But it's much harder to control, discipline or simply fire a long standing but careless contractors whose systems are often grafted into an agency's systems.

 
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Author
11/21/2013 | 11:00:15 AM
Re: Holding contractors accountable
Given recent events with the world's most famous governement contractor -- Edward Snowden -- you would think that the government would be exerting even more control over contractors. Go figure!
WKash
50%
50%
WKash,
User Rank: Author
11/20/2013 | 10:42:10 PM
Holding contractors accountable
It seems hard to imagine the government couldn't do more, as yoiu put it, to hold contractor companies accountable for inadequate safeguards and lack of security measures to  protect critical program information, sensitive information, and even classified information.
Lorna Garey
50%
50%
Lorna Garey,
User Rank: Author
11/20/2013 | 10:08:37 AM
Lack of expertise
I wonder about the wisdom of spreading records around so many contractors when top-notch security expertise is so expensive and scarce. Sure, putting assets with a few large suppliers makes for more tempting targets, larger firms can in theory afford and deploy cutting-edge security.
David F. Carr
50%
50%
David F. Carr,
User Rank: Author
11/20/2013 | 10:00:33 AM
Do other governments do better?
I'd be curious to know whether these same patterns occur in the Canada, the U.K., or other NATO allies. Is their distribution of labor between contractors and government employees similar or vastly different? Much better managed or about the same?

U.S. government systems can't be the only ones that are under attack, although the U.S. is obviously a big target.
Slideshows
7 Technologies You Need to Know for Artificial Intelligence
Jessica Davis, Senior Editor, Enterprise Apps,  7/1/2019
Commentary
A Practical Guide to DevOps: It's Not that Scary
Cathleen Gagne, Managing Editor, InformationWeek,  7/5/2019
Commentary
Diversity in IT: The Business and Moral Reasons
James M. Connolly, Editorial Director, InformationWeek and Network Computing,  6/20/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
A New World of IT Management in 2019
This IT Trend Report highlights how several years of developments in technology and business strategies have led to a subsequent wave of changes in the role of an IT organization, how CIOs and other IT leaders approach management, in addition to the jobs of many IT professionals up and down the org chart.
Slideshows
Flash Poll