A CyberSheath Services International study has found that 87 percent of defense contractors have fallen short of reaching a score of 70 in the Supplier Performance Risk System, a metric used to determine whether vendors meet Defense Federal Acquisition Regulation Supplement requirements.
CyberSheath said Wednesday it commissioned Merrill Research to survey 300 individuals responsible for cybersecurity within the defense industrial base between July and August and found that about 80 percent of contractors do not track their systems and adopt security monitoring services.
The report also showed that 79 percent of respondents said their organizations lack a comprehensive multifactor authentication system and 73 percent reported that they do not have an endpoint detection and response platform in place.
According to the study, 70 percent of surveyed contractors said they have not fielded security information and event management systems.
“The report’s findings show a clear and present danger to our national security,” said CyberSheath CEO Eric Noonan.
“Our military secrets are not safe and there is an urgent need to improve the state of cybersecurity for this group, which often does not meet even the most basic cybersecurity requirements,” Noonan added.