Skip to content

Content Header

Strengthening DoD Cyber Security with the Vulnerability Market

Strengthening DoD Cyber Security with the Vulnerability Market published on

Authored by Air Force Institute of Technology

Every year, the DoD upgrades its information technology systems, allows new applications to connect to the network, and reconfigures the Enterprise to gain efficiencies. While these actions are to better support the warfighter and satisfy national security interests, they introduce new system vulnerabilities waiting to be exploited. Often, these vulnerabilities are discovered after the system has already deployed and where costs to fix are much larger. This paper recommends the DoD adopt an Information Assurance tactic to limit these costs, called the vulnerability market. Through use of the vulnerability market, DoD will ensure information security is built into the application, minimize the number of distributed patches, and optimize investment in defense programs.

Using empirical data, it was shown that vulnerability disclosure phases vary significantly (3-10) years based on market share. Using Adobe Acrobat, a case was made that investing early in a 25% vulnerability disclosure rate could save over 25% cumulative lifecycle costs due to vulnerability remediation actions.

Publication Date:
Aug 06 2014
1500750158 / 9781500750152
Page Count:
Binding Type:
US Trade Paper
Trim Size:
8.5″ x 11″
Black and White
Related Categories:
Political Science / Political Freedom & Security / International Secur


Primary Sidebar