Story excerpt provided by breakingdefense.com
PENTAGON: “I would rather not have to shove this down industry’s throat,” the director of the Protecting Critical Technology Task Force told me here. “I would rather this be a conversation than direction, but we’ve unfortunately seen over the years … if there’s no repercussions to not having security, there’s no incentive to have it.”
“We haven’t really held them to account. Our data that’s been exfiltrated by adversaries over decades, it’s really no harm, no foul,” Maj. Gen. Thomas Murphy told me. “I don’t blame them, [but] now we’re going to provide that incentive.”
“A company’s security or lack thereof has no bearing on whether we do business with them today,” he said. “It’s not something we hold as important as cost schedule and performance.” That needs to change.
Originally published Dec. 16, 2019.