Accession Number:

AD1040724

Title:

CYBER SUPPLY CHAIN SECURITY: CAN THE BACKDOOR BE CLOSED WITH TRUSTED DESIGN, MANUFACTURING AND SUPPLY

Descriptive Note:

Technical Report

Corporate Author:

AIR COMMAND AND STAFF, AIR UNIVERSITY MAXWELL AFB United States

Personal Author(s):

Report Date:

2016-08-01

Pagination or Media Count:

43.0

Abstract:

There are significant cybersecurity challenges confronting the Department of Defense DoD and other U.S. departments and agencies due to their reliance on globalized information technology IT marketplace with insufficient security measures in place for a cyber supply chain providing vital IT products destined for mission critical systems. An unsecured globalized cyber supply chain provides amply opportunity for malicious actors to compromise, corrupt, and introduce counterfeit cyber components destined for critical government systems designed to protect and defend U.S. national security. The literature describes a cyber marketplace and supply chain driven by costs, which has created numerous vulnerabilities. It also identifies U.S. directives, policies, and techniques that have done little in securing the cyber supply chain. This paper utilizes a problemsolution framework and focuses on some prevalent cyber supply chain security issues a globalized IT marketplace has with counterfeit parts, malicious state and non-state actors and that can potentially build in backdoors that threaten cybersecurity for all. Solutions to this complex problem will focus on mitigation efforts the DoD and other U.S. departments and agencies can take by adding required education and training, evaluating procurement decisions, enhancing testing procedures, and by building partnerships in order to work trust and integrity back in its cyber supply chain.

Subject Categories:

  • Computer Systems Management and Standards
  • Logistics, Military Facilities and Supplies

Distribution Statement:

APPROVED FOR PUBLIC RELEASE