Pentagon Small Biz Office Didn’t Know About Cyber Training

[InfoSec News <alerts () infosecnews org>]

http://www.nextgov.com/cybersecurity/2015/09/pentagon-small-biz-office-didnt-know-about-contractor-cyber-training/122036/

By Aliya Sternstein
NextGov.com
September 25, 2015

Hackers pummel small companies because they are easy targets, with poor 
security hygiene and network access to big business partners, say security 
specialists. That logic applies to small military contractors, too.

But the Pentagon’s Office of Small Business Programs has resources to help 
protect the little defense businesses – it just didn’t know it. That was 
the finding of a Government Accountability Office audit released Thursday.

The office "had not identified or disseminated cybersecurity resources to 
defense small businesses that the businesses could use to understand 
cybersecurity and cyberthreats," Joseph Kirschbaum, GAO director for 
defense capabilities and management, said in the report. Office employees 
"were not aware of existing cybersecurity resources such as those we 
identified when we met with them in June 2015."

Even as the Pentagon was imposing data breach regulations on the $55.5 
billion sector, the office essentially had other priorities than 
advocating information security awareness.

[...]

--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/