Threats to Small Defense Businesses Can Have an Outsized Impact

Threats to Small Defense Businesses Can Have an Outsized Impact


Defense Industrial Base (DIB) manufacturers in the United States thoroughly understand the concepts of regulation and compliance. Almost no aspect of their business is outside the reach of some state-level or federal oversight agency or law. As some of the most sensitive organizations in existence, they are also no stranger to risk.

Risk exists at all levels, both inside and outside of the building, from physical locks to hiring trustworthy employees to finding honest (and secure) vendors and partners. Then of course there are the risks associated with a growing number of cyber threats, from passive malware-infected files and websites to sophisticated, persistent attacks. Cyber risk mitigation is the difference between business as usual, and a state-sponsored criminal burrowing deep into your network and planting a botnet node to steal sensitive information and turn your own devices against you.

Unfortunately, strong cybersecurity is clearly not an ingrained mindset in small and mid-sized DIB businesses. If you’re not convinced, take a look at some highlights from a September 2018 U.S. Department of Defense Presidential report entitled “Assessing and Strengthening the Manufacturing and Defense Industrial Base and Supply Chain Resiliency of the United States”:

  • In a broad survey of over 9,000 classified contract facilities within the DIB, more than 6,600 small business facilities lagged significantly in their cybersecurity measures, as compared to large firms.
  • Fewer than half of the surveyed DIB facilities classified as small businesses had any cybersecurity measures in place at all.
  • There is a significant lack of awareness of federal cybersecurity requirements within small manufacturers.
  • There is also a significant lack of awareness of the flow-down obligations owned by second and third tier suppliers to primes in the DIB.
  • To quote the report, “Gaps in the cybersecurity sector lead to pervasive and persistent vulnerabilities to the industrial base, contributing to the erosion of manufacturing and decreasing economic competitiveness and national security.”

This should cause all of us to lose sleep. Some of these small businesses create solutions that are deployed in Top Secret government and DoD networks, and in some cases they have barely a whiff of cybersecurity in place to keep bad actors from infiltrating their processes.

At Owl, we help DIB organizations secure their IP, their core manufacturing processes, data repositories, and their distribution networks, with easy-to-implement solutions. DIB companies can be ruined by cybercrime, which typically affects the entire supply chain – and even national security as a whole – not just one entity. If your DIB organization isn’t properly defended from cyber threats, the time to act is now. A safe and secured nation may never thank you later, but it’s far too important to ignore. This is not mere hyperbole. It really does matter.

To learn more about Owl Cyber Defense Cross Domain solutions visit: https://www.owlcyberdefense.com/cross-domain-solutions

About The Author

Dan Callahan has been in the federal market since 1984. Dan’s primary roles have centered around gathering federal agency IT requirements in categories such as enterprise software, high performance computing, complex telecommunications and cybersecurity. He manages client requirements from the US civilian intelligence community.

Insights to your Inbox

Stay informed with the latest cybersecurity news and resources.

Owl & AFRL – Pioneering Secure Cross Domain Video Transfer

A drone hovers over a remote compound in a hostile region, capturing live video of a high-value target—a terrorist leader whose capture could dismantle a global threat network. The stak...
September 16, 2024
Paul Nguyen DoD Account Director

Proven Solutions for Navy “Data Maneuverability” @ AFCEA WEST

Hi, I’m Paul Nguyen, one of the new leaders of Owl’s DoD Mission Support team. I joined Owl Cyber Defense (Owl) earlier this month, just in time to be a part of our annual corporate o...
January 31, 2024

Owl SEER Lab MiniBlog 1: CVE-2023-21093

Hello and welcome to the launch of the Owl Cyber Defense System Evaluation, Exploitation, and Research (SEER) Laboratory miniblog! This is the very first in a line of forthcoming posts. ...
September 26, 2023