One goal of better cooperation with suppliers is to reduce the lag time between development of new cybersecurity technology and its deployment, said Robert Butler, deputy assistant secretary of defense for cyber policy.
Speaking to reporters at a Washington briefing, Butler said that DoD also wants to promote cybersecurity supplier diversity to improve competition and guard against compromise of the cybersecurity supply chain. "Supply chain is a big issue that we are tracking", Reuters quoted Butler as saying.
Currently, the Pentagon relies on a relatively small group of defense companies that have cybersecurity business units, such as Lockheed Martin, Northrop Grumman, Raytheon, and BAE Systems.
Butler said that the Pentagon also plans to screen cybersecurity components and subcomponents better and to manage the risks involved in the manufacturing processes.
Asked about US purchases of IT equipment from Chinese companies, Butler declined to comment. This week, a group of US lawmakers asked the Federal Communications Commission (FCC) to report on security risks posed by a US network equipment deal that Chinese firms Huawei Technologies and ZTE signed with Sprint and Cricket.
“As you are aware, two Chinese companies, Huawei Technologies Co., Ltd. and ZTE Corporation, are aggressively seeking to supply sensitive equipment for U.S. telecommunications infrastructure and/or serve as operator and administrator of U.S. networks, and increase their role in the U.S. telecommunications sector through acquisition and merger”, the lawmakers wrote to the FCC.
“We are very concerned that these companies are being financed by the Chinese government and greatly influenced by the Chinese military, which may create an opportunity for the Chinese military to manipulate switches, routers, or software embedded in American telecommunications network so that communications can be intercepted, tampered with, or purposely misrouted. This would pose a real threat to our national security”, they added.