Pentagon Contractors Rank Below Retailers and Banks When It Comes To Cybersecurity by Aliya Sternstein.
My attention was drawn to this story because of a tweet by Eric Clay that reads:
As hard as it is to believe, #Pentagon contractors rank below retailers and banks when it comes to #cybersecurity.
I don’t find that hard to believe at all. Do you?
Just last week we were reading about VMware/Carasoft ponying up $75.5 Million for fraudulent billing of the government and they remain a government contractor.
Oh to be a government contractor! You can deliver planes that burst into flames at random (F-35) and the US government will help you foist them off on unsuspecting “allies,” you can fraudulently bill the government and remain a government contractor, and you can even fail catastrophically, think Virtual Case Management, but still remain a federal contractor.
There are thousands of stories just like the ones I pointed out, some larger, some smaller, but it is a pattern of non-accountability that has been in place for decades.
How about liability of the contractors, their shareholders and principal officers for failure to perform, a liability that is non-dischargeable in bankruptcy as a start towards accountability for government contractors? And that can be satisfied out of retirement accounts and investments, save for SS.
Unless and until the government stops being a large cookie jar, “no one will notice if I take just one,” for its contractors, don’t expect the quality of work in cybersecurity or elsewhere to improve. Quality of work is not a value in the present contracting system.
PS: I am sure there are contractors and individual people who work for contractors who do very high quality work. The problem is they are the anomalies and not the rule.