Defense electronics industry concerned about cyber security, yet not sure where to turn for help

NASHUA, N.H., 15 April 2015. The vast majority of those in the aerospace and defense electronics industry are deeply concerned with the susceptibility of their data and systems to cyber attack, yet are not investing in cyber security tools because of perceived high costs and lack of customer cyber security requirements.

Apr 15th, 2015
Latest update with data from 23 April 2015
Latest update with data from 23 April 2015

NASHUA, N.H., 15 April 2015. The vast majority of those in the aerospace and defense electronics industry are deeply concerned with the susceptibility of their data and systems to cyber attack, yet are not investing in cyber security tools because of perceived high costs and lack of customer cyber security requirements.

That's the evolving conclusion of an industry survey by Military & Aerospace Electronics and Intelligent Aerospace on how important cyber security is to the aerospace and defense electronics industry and how cyber security will influence this industry in the future.

As of 23 April 2014, 333 readers of Military & Aerospace Electronics and Intelligent Aerospace had responded to the eight-question survey, which has been available online for two weeks. Three out of four of those responding say they are very concerned or extremely concerned about the vulnerability of their data and systems to cyber attack.

The survey will be up for another four weeks, and is available online at here at www.surveymonkey.com/s/PSPCSLS.

Of responders, 88 percent say they expect the need for cyber security, information security, and cyber warfare to change how they do their jobs over the next one to three years. At the same time, however, the survey indicates that aerospace and defense electronics experts are unclear of how to deal with cyber security issues, and unclear on the companies to turn to for help with cyber security tools and advice.

Related: Air Force asks Northrop Grumman to beef-up cyber security for BACN battlefield communications

Of those responding, 47 percent say they are not sure of specific companies they would approach as cyber security providers. Of those responders who were specific about companies they would approach for cyber security products, the companies they mentioned include:

-- Advanced Technical Intelligence Center (ATIC) in Beavercreek, Ohio;
-- AlienVault Inc. in San Mateo, Calif.;
-- Apple Inc. in Cupertino, Calif.;
-- Aspect Security Inc. in Columbia, Md.;
-- Boeing Defense, Space & Security in St. Louis;
-- Check Point Software Technologies Ltd. in Tel Aviv, Israel;
-- Cigital Inc. in Dulles, Va.;
-- Cisco Systems Inc. in San Jose, Calif.;
-- Comodo Group in Clifton, N.J.;
-- Cybernet Systems Corp. in Ann Arbor, Mich.;
-- Dell in Round Rock, Texas;
-- FireEye Inc. in Milpitas, Calif.;
-- General Dynamics Information Technology in Fairfax, Va.;
-- Google in Mountain View, Calif.;
-- IBM Corp. in Armonk, N.Y.;
-- Intel Security Group (formerly McAfee Inc.) in Santa Clara, Calif.;
-- Juniper Networks in Sunnyvale, Calif.;
-- Kapersky Lab in Woburn, Mass.;
-- L-3 TRL Technology in Tewkesbury, England;
-- Lancope Inc. in Alpharetta, Ga.;
-- Lockheed Martin Information Technology in Denver;
-- Microsoft Corp. in Redmond, Wash.;
-- National Instruments in Austin, Texas;
-- Norse Corp. in San Mateo, Calif.;
-- Northrop Grumman Information Systems in McLean, Va.;
-- Palo Alto Networks Inc. in Santa Clara, Calif.;
-- Raytheon Co. in Waltham, Mass.;
-- RSA Advanced Cyber Defense in Hopkinton, Mass.;
-- Symantec Corp. in Mountain View, Calif.;
-- Trend Micro Inc. in Irving, Texas; and
-- Trustwave in Chicago.

The wave of cyber security is near at hand, survey responders say. Nearly 95 percent say they expect future aerospace and defense programs and contracts to require proof of cyber security and cyber protection. Less than 3 percent don't expect these kinds of future cyber security requirements.

The majority of responders perceive the threat of cyber security to be elevated, high, or severe in mission- and life-critical aerospace and defense applications like avionics and vetronics, air traffic control, satellites and manned spacecraft, embedded systems, unmanned vehicles, and command, control, communications, computers, surveillance, and reconnaissance (C4ISR).

Related: DARPA eyes cyber security program to safeguard private and proprietary computer information

Survey responders say they protect their information and systems from cyber attack -- or will in the future -- with software, hardware, education, physical security, and virtual and cloud computing.

Despite the critical need for cyber security that responders perceive, nearly 55 percent say they haven't adopted cyber security tools yet because of costs. 29 percent say the haven't because of a lack of requirements, 27 percent say there is no return on investment for buying cyber security tools, 29 percent say cyber security is not required by clients, and 20 percent say the have not purchased cyber security tools because of a low threat level.

Those responding to the survey primarily are -- or would be -- buyers and specifiers of cyber security tools. 61 percent say they expect to be involved in their company decision to buy, recommend, or specify cyber security, information security, or cyber warfare protection tools in coming years. Just 39 percent say they don't expect to be involved in cyber security purchasing decisions.

For those of you who would like to weigh-in on today's aerospace and defense cyber security issues, the survey is online here at www.surveymonkey.com/s/PSPCSLS.

More in Computers