Partnerships between the U.S. government and America’s vibrant private sector have always been a key part of keeping the world safe, but the same independence that allows vendors and contractors to provide innovative new solutions also poses a risk to government data and programs. As the Defense Department and federal civilian agencies empower their workforces to increase the speed of acquisition and deliver better, more innovative solutions—a paradigm shift that Undersecretary of Defense for Acquisition and Sustainment Ellen Lord called “the most transformational acquisition policy change we’ve seen in decades”—we must balance the promise of speed and innovation that it brings with critical advancement in program protection.
The government’s lack of full visibility and control over its vendors’ cybersecurity practices creates an inherent “trust but verify” framework for vendors entrusted with the most sensitive projects in aerospace and defense, vaccine development, nuclear energy and other sensitive areas. This is especially critical in the emerging fields of artificial intelligence and machine learning, where an increasing number of vendors find…
