Defense Acquisitions: Knowledge of Software Suppliers Needed to Manage Risks
Resource Information
The work Defense Acquisitions: Knowledge of Software Suppliers Needed to Manage Risks represents a distinct intellectual or artistic creation found in Boston University Libraries. This resource is a combination of several types including: Work, Language Material, Books.
The Resource
Defense Acquisitions: Knowledge of Software Suppliers Needed to Manage Risks
Resource Information
The work Defense Acquisitions: Knowledge of Software Suppliers Needed to Manage Risks represents a distinct intellectual or artistic creation found in Boston University Libraries. This resource is a combination of several types including: Work, Language Material, Books.
- Label
- Defense Acquisitions: Knowledge of Software Suppliers Needed to Manage Risks
- Subject
-
- Administration and Management
- Classified materials
- Coding
- Computer Programming and Software
- Contract administration
- Contractors
- Cyberterrorism
- Department of defense
- Foreign
- Government(foreign)
- Information systems
- Information warfare
- Logistics, Military Facilities and Supplies
- Military procurement
- Policies
- Project management
- Protection
- Requirements
- Risk management
- Security
- Software engineering
- Threats
- Vulnerability
- Weapon systems
- Language
- eng
- Summary
- The Department of Defense (DoD) is increasingly reliant on software and information systems for its weapon capabilities, and DoD prime contractors are subcontracting more of their software development. The increased reliance on software and a greater number of suppliers results in more opportunities to exploit vulnerabilities in defense software. In addition, DoD has reported that countries hostile to the United States are focusing resources on information warfare strategies. Therefore, software security, including the need for protection of software code from malicious activity, is an area of concern for many DoD programs. DoD acquisition and software security policies do not fully address the risk of using foreign suppliers to develop weapon systems software. The current acquisition guidance allows program officials discretion in managing foreign involvement in software development, without requiring them to identify and mitigate such risks. Moreover, other policies intended to mitigate information systems vulnerabilities focus mostly on operational software security threats, such as external hacking and unauthorized access to information systems, but not on insider threats, such as the insertion of malicious code by software developers. Recent DoD initiatives may provide greater focus on these risks, but to date have not been adopted as practice within DoD. GAO was asked to examine DoD's efforts to identify software development suppliers, and manage risks related to foreign involvement in software development on weapon systems. To address software vulnerabilities and threats, GAO recommends that DoD better define software security requirements and require program managers to mitigate associated risks accordingly. DoD agreed with the findings but only partially concurred with the recommendations over concerns that they place too much responsibility for risk mitigation with program managers. GAO has broadened the recommendations to address DoD's concerns
- Cataloging source
- DTICE
- Index
- no index present
- Literary form
- non fiction
Context
Context of Defense Acquisitions: Knowledge of Software Suppliers Needed to Manage RisksWork of
No resources found
No enriched resources found
Embed
Settings
Select options that apply then copy and paste the RDF/HTML data fragment to include in your application
Embed this data in a secure (HTTPS) page:
Layout options:
Include data citation:
<div class="citation" vocab="http://schema.org/"><i class="fa fa-external-link-square fa-fw"></i> Data from <span resource="http://link.bu.edu/resource/odIW4ODy6eE/" typeof="CreativeWork http://bibfra.me/vocab/lite/Work"><span property="name http://bibfra.me/vocab/lite/label"><a href="http://link.bu.edu/resource/odIW4ODy6eE/">Defense Acquisitions: Knowledge of Software Suppliers Needed to Manage Risks</a></span> - <span property="potentialAction" typeOf="OrganizeAction"><span property="agent" typeof="LibrarySystem http://library.link/vocab/LibrarySystem" resource="http://link.bu.edu/"><span property="name http://bibfra.me/vocab/lite/label"><a property="url" href="http://link.bu.edu/">Boston University Libraries</a></span></span></span></span></div>
Note: Adjust the width and height settings defined in the RDF/HTML code fragment to best match your requirements
Preview
Cite Data - Experimental
Data Citation of the Work Defense Acquisitions: Knowledge of Software Suppliers Needed to Manage Risks
Copy and paste the following RDF/HTML data fragment to cite this resource
<div class="citation" vocab="http://schema.org/"><i class="fa fa-external-link-square fa-fw"></i> Data from <span resource="http://link.bu.edu/resource/odIW4ODy6eE/" typeof="CreativeWork http://bibfra.me/vocab/lite/Work"><span property="name http://bibfra.me/vocab/lite/label"><a href="http://link.bu.edu/resource/odIW4ODy6eE/">Defense Acquisitions: Knowledge of Software Suppliers Needed to Manage Risks</a></span> - <span property="potentialAction" typeOf="OrganizeAction"><span property="agent" typeof="LibrarySystem http://library.link/vocab/LibrarySystem" resource="http://link.bu.edu/"><span property="name http://bibfra.me/vocab/lite/label"><a property="url" href="http://link.bu.edu/">Boston University Libraries</a></span></span></span></span></div>
