The U.S. Missile Defense Agency (MDA) considers cyber attacks a serious concern and has taken a series of steps to protect against them, the agency head told lawmakers June 11.
Under questioning by Sen. Jack Reed (D-R.I.) at a missile defense hearing of the Senate Appropriations defense subcommittee, Navy Vice Adm. James Syring, MDA’s director, said he would not elaborate on the nature of threats in a public session. But in his written testimony, Syring said the agency is tackling the problem on several fronts.
“MDA has been working diligently to enhance the cybersecurity posture of missile defense networks and improve the protection of ballistic missile defense information,” Syring said. “MDA has developed new policies, partnered extensively with industry and other Department of Defense organizations, and has continuously increased investments in cybersecurity to ensure our networks and information remain secure against cyber attacks.”
Syring said that specific measures include:
- Coordinating policy memoranda with DOD’s chief information officer and acquisition chief and signing MDA policy memoranda on “Securing Ballistic Missile Defense Information on Government and Non-Government Networks and Systems.” These documents require MDA program leaders, contracting officials and contractors to follow existing guidelines and implement new cybersecurity measures.
- Publishing a manual entitled, “Procedures for Protection of Critical Program Information and Mission Critical Functions and Components within the Missile Defense Agency.”
- Holding a cybersecurity industry day entitled, “The Emerging Role of Cybersecurity in Missile Defense Agency Acquisitions.” The event informed MDA industry partners of new cybersecurity requirements and threats and elicted feedback from industry representatives on how they can meet the new cybersecurity requirements.
- Expanding a partnership with the Pentagon’s chief weapons tester to try out cybersecurity upgrades to MDA systems. During their first joint experiment, which occurred in February, “MDA successfully demonstrated cybersecurity improvements that are in development,” Syring said. “As a result of extensive interactions with a live cyber operational force during the first experiment, MDA will pursue new ways to strengthen cybersecurity that will be demonstrated in future experiments.”
- Enhancing the “integrated security architecture” that “constantly improves methods to protect, monitor, analyze, detect and respond to unauthorized activity within MDA information systems.” Syring noted that MDA’s computer emergency response team continuously monitors MDA information systems to keep them secure.