Defense Secretary Jim Mattis hosted a group of defense company executives at the Pentagon today and has an additional meeting scheduled for Thursday to discuss the Defense Department's key priorities, including the security of classified information, Inside Defense has learned.
The meeting was attended by Boeing Defense Space & Security CEO Leanne Caret, according to a company spokesman. A Lockheed Martin spokesman declined to comment when asked if CEO Marillyn Hewson had attended. Inquiries to other large defense companies went unanswered.
Though the Pentagon confirmed the Tuesday meeting, a spokeswoman declined to provide additional information on attendees or topics of discussion.
"Secretary Mattis expects his leaders to engage with industry -- in a fair and open manner within legal boundaries -- to find ways to reform our business practices and build a more lethal force. This meeting is part of that effort," according to an email from Heather Babb, a Pentagon spokeswoman.
Babb did not confirm the meeting scheduled for Thursday.
Meanwhile, a defense industry source said the Thursday meeting with Mattis and the industry CEOs would also include Deputy Defense Secretary Patrick Shanahan and would be focused on the National Defense Strategy.
Acting Chief Information Officer Essye Miller said during a speech at National Harbor, MD, earlier today that the purpose of the meetings was to discuss information security and other DOD issues.
"One of the reasons I have to get back: We have a group of CEOs that are coming in to meet with the secretary this morning, and another group on Thursday, to talk about amongst other things, security," she said. "The defense [industrial] base is one of the areas that we're concerned about regarding security. How are you guys protecting the data that we push to you? How are we determining what data we need to push to you as we're doing business with you? And once we make that decision, how are we protecting that?"
The DOD inspector general this week cited the Missile Defense Agency for failing to properly supervise private contractors and how they protect classified information.
"Contractor system security controls were ineffective because the MDA did not oversee the contractors' current or planned actions to protect [Ballistic Missile Defense System] technical information on classified and unclassified networks and systems before contract award or during the contract period of performance," an April 2 report states. "If the MDA does not verify and monitor compliance with Defense Federal Acquisition Regulation Supplement (DFARS) and National Industrial Security Program Operating Manual requirements, contractors could inadvertently disclose critical technical details of the DOD's BMDS components to U.S. adversaries and allow them to potentially circumvent the BMDS capabilities, leaving the United States vulnerable to deadly missile attacks."
DOD and industry have been in discussions about adopting more stringent network security requirements, but questions remain about how they will be implemented.
Lt. Gen. Paul Nakasone, the nominee tapped to lead U.S. Cyber Command and the National Security Agency, has said cyber vulnerabilities among cleared contractors in the defense industrial base pose significant threat to national security and require a new, "comprehensive" approach.
"As military defenses are relatively formidable, critical infrastructure and the defense industrial base and private sector are likely seen as a rich source of information and a critical vulnerability in the nation’s armor," he told the Senate Armed Services Committee in written testimony March 1.
The outgoing head of CYBERCOM and the NSA, Adm. Mike Rogers, highlighted the challenge during a Feb. 27 Senate Armed Services Committee hearing.
"How do we better work the DOD role in the defense industrial base to clear defense contractors?" he said. "We've got to get a different dynamic here. We've got to look at that differently."
Additional reporting by Justin Doubleday