Case Studies in Cyber Security.

SPEAKER & MODERATOR

Chiderah Okoye, Executive Director, Venly Institute

PANELISTS

* Tom Fellows, General Manager, Venly

* Joe Reagan, President & CEO, St. Louis Regional Chamber of Commerce, and incoming Chair, Association of Chamber of Commerce Executives

* VADM William A. Brown, USN (Ret.), President & CEO, NDTA

Ms. Okoye set the tone of the panel saying, "We will only be successful when businesses start viewing implementing strong cyber security as good business practice that they would want to do anyway. Everyone in this room understands that their best practices are only as good as the implementation of the supply chain partners that you rely on."

She continued that we should remind ourselves of the importance of our public-private partnership, given that no other country in the world depends as much as the US does on its private sector to deliver its national defense. If we don't find a way to secure our entire supply chain from end to end, we will be subject to the same vulnerabilities that come with the weakest link in our supply chain. Those weak links would put the DOD supply chain in harm's way, which would be unacceptable.

One way around that unacceptability would be to stop using smaller organizations altogether, relying only on the larger prime contractors to manage all of the work. Conversely, if the cost of compliance is viewed as being too high or too complicated, those smaller firms will opt out of serving the DOD themselves. The combination of these factors would hurt the US economy, which relies on small business job growth.

The National Institute of Standards and Technology (NIST) Compliance 800-171 is a baseline standard. It addresses how an organization's operations deal with cyber security, including such areas as virtual and physical access, personnel training, and internal procedures. Essentially, the standard takes cyber security and distills it into a scorecard.

While the standards speak to protecting and controlling unclassified information, all carriers that support DOD will be required to adhere to this standard...
