MITRE Study Factors into Pentagon Rethinking Supply Chain Security

August 13, 2018

The Pentagon has a new goal aimed at protecting its $100 billion supply chain from foreign theft and sabotage: to base its weapons contract awards on security assessments—not just cost and performance—a move that would mark a fundamental shift in department culture.

The goal, based on a strategy called Deliver Uncompromised, comes as U.S. defense firms are increasingly vulnerable to data breaches, a risk highlighted earlier this year by China’s alleged theft of sensitive information related to undersea warfare, and the Pentagon’s decision last year to ban software made by the Russian firm Kaspersky Lab.

"The department is examining ways to designate security as a metric within the acquisition process," Maj. Audricia Harris, a Pentagon spokeswoman, said in a statement. "Determinations [currently] are based on cost, schedule and performance. The department's goal is to elevate security to be on par with cost, schedule and performance.”

The strategy was written by The MITRE Corporation, a nonprofit company that runs federally funded research centers, and the firm released a copy of its report Monday.

"The major goal is to move our suppliers, the defense industrial base and the rest of the private sector who contribute to the supply chain, beyond a posture of compliance—to owning the problem with us," said Chris Nissen, director of asymmetric-threat response at MITRE.

View on The Washington Post