January 2022

Private Sector DoD Contractors Cannot Count on Government for Our Nation's Cyber Security

With a Continuing Resolution (CR) funding fiscal year (FY) 2022 until February and deep budget disagreements remaining, the Department of Defense (DoD) faces a significant risk that it could be funded with CRs for the entirety of FY22. This would be a first for DoD and, as Secretary of Defense Lloyd Austin has stated, “an unprecedented move that would cause enormous, if not irreparable, damage to a wide range of bipartisan priorities — from defense readiness and modernization to research and development, to public health.” These impacts will extend well beyond DoD, disrupting the performance of the defense industrial base (DIB) and economic activity across the U.S.

The timing of an FY22 full-year CR could not be worse. Our country is navigating a near-perfect storm of a deteriorating strategic environment, urgent catch-up defense modernization needs, surging inflation eroding defense buying power, and a DIB amid COVID-19, supply chain constraints, and workforce disruptions. To further quote Secretary Austin, a full-year CR “would misalign billions of dollars in resources in a manner inconsistent with evolving threats and the national security landscape, which would erode the U.S. military advantage relative to China, impede our ability to modernize, degrade readiness, and hurt our people and their families. And it would offer comfort to our enemies, disquiet to our allies, and unnecessary stress to our workforce.”

This is where the approximately 300,000 DoD contractors can ensure that they are securing their systems and, in turn, the nation against our adversaries. We cannot wait for the government to do this for us. We must take the lead. Your role in ensuring NIST 800-171 compliance and meeting future CMMC 2.0 requirements will go a long way.


Cyber Kill Chain

Cybersecurity is one of the top issues that organizations battle with every day. In fact, according to Accenture, 68% of business leaders say that their cybersecurity risks are increasing. Ignoring cybersecurity is proving to be one of the most expensive mistakes, leading to a 72% increase in the average cost of cybercrime over the past 5 years.

With cybersecurity, it is not possible to eliminate risks. Hence, having defense strategies in place can be the best possible solution to mitigating cybersecurity risk. Using a layered security approach, the risks can be minimized. But how do you ensure that your cybersecurity system is strong enough to withstand any attacks on your organization? This is where the cyber kill chain has a role to play.

What is a Cyber Kill Chain?

The cyber kill chain is a cybersecurity model created by Lockheed Martin that traces the stages of a cyber-attack, identifies vulnerabilities, and helps security teams stop attacks at every stage of the chain. The term kill chain is adopted from the military, which uses it to describe the structure of an attack. It consists of identifying a target, dispatch, decision, order, and finally, destruction of the target.
