DoD Inspector General Audits Contractor Networks, Systems

Jeff Brody

The Department of Defense's Office of the Inspector General released the results of an audit that sought to confirm contractors' capacity to secure controlled unclassified information on their respective systems and networks.

The audit confirmed a number of gaps in contractors' security capabilities, including password usage, mitigation of system vulnerabilities and multifactor authentication, DoD OIG said Tuesday.

DoD OIG found that the agency's contracting offices have not developed approaches that will help validate contractual requirements, send contractor notifications, mark CUI documents and confirm implementation of CUI security controls. In addition, the report confirmed that the Defense Threat Reduction Agency did not take prompt action to mitigate the leak of information from a DoD contracting office.

DoD OIG recommended the DTRA's director for contract policy and oversight to modify protocols in tracking DoD data-related security incidents. The inspection office also advises revision of security policies for DoD contracting offices as well as performance assessments on contractors.

You may also be interested in...

Gen. Mark Milley

Gen. Mark Milley: AI, Other Emerging Tech Needed to Deter Aggressors, Win Future Wars

Gen. Mark Milley, chairman of the Joint Chiefs of Staff and a four-time Wash100 Award winner, said artificial intelligence, hypersonics, 3D printing, unmanned systems, long-range precision fires and other emerging technologies could transform the conduct of warfare and are needed to win future wars in the event of deterrence failure.