Carley Welch
WASHINGTON — The Department of Defense is working on creating cybersecurity assessment tools, or “scorecards,” to determine the cyber posture of weapons systems within the combatant commands, a defense official said.
David McKeown, who is performing the duties of the DoD’s deputy chief information officer for cyber and chief information security officer, said the “warfighter scorecards” will help servicemembers better understand where their weapons systems fall vulnerable — something they are not fully adept at yet, he said. Right now such assessments exist, but are not as comprehensive as a scorecard would be.
“They [the COCOMs] need to know the risks that they’re incurring across all of those systems. We do an analysis of a weapons system, and we publish it, but I don’t think the combatant commands really understand the impacts of their mission. So we’re going to try to drive in more mission impact analysis,” McKeown said Thursday during the Potomac Officer’s Club Cyber Summit.
In addition to the current assessments lacking mission impact analysis, the department also does not properly communicate the severity of risk that a lack of cybersecurity can pose to weapon systems down to the warfighter, McKeown said.
“We have a variety of governance across the department, lots of good work being done through the Strategic Cybersecurity Program, looking at critical infrastructure, understanding where the systems are vulnerable. We don’t do a good job of exposing that to the warfighter though,” he told Breaking Defense on the sidelines of the event. “We do all this work, but we don’t scrape off the important risk information and present it to the warfighter.”
No comments:
Post a Comment