Accession Number:

ADA582734

Title:

Strengthening US DoD Cyber Security with the Vulnerability Market

Descriptive Note:

Graduate research project Jun 2012-Jun 2013

Corporate Author:

AIR FORCE INST OF TECH WRIGHT-PATTERSON AFB OH GRADUATE SCHOOL OF ENGINEERING AND MANAGEMENT

Personal Author(s):

Report Date:

2013-06-01

Pagination or Media Count:

77.0

Abstract:

In the past decade, the DoD and defense contractors have witnessed an immense theft of intellectual property which originated inside and outside our borders. So how do these thefts occur when the DoD has one of the most secure and defended networks in the world Every year, the DoD upgrades their IT systems, allows new applications to connect to the network, and reconfigures the enterprise to gain efficiencies. While these actions are often in support of the warfighter and securing national security interests, they also introduce new system vulnerabilities that lie in wait to be exploited. Often, these vulnerabilities are discovered when the system is already deployed and too late to stop a leak of sensitive information. A proactive approach is needed to identify possible system vulnerabilities prior to fielding when the costs to fix a bug are much less. This paper recommends that the DoD adopt an Information and Software Assurance tactic that has recently grown in popularity the vulnerability market. Through use of the vulnerability market, DoD can ensure that information security is built into the application layer, minimize the number of patches distributed, and optimize the investment in defense programs.

Subject Categories:

  • Information Science

Distribution Statement:

APPROVED FOR PUBLIC RELEASE