Members of the Senate Armed Services Committee investigated the cybersecurity of contractors working with the United States Transportation Command during a hearing Tuesday.
The hearing, which featured the commander of the U.S. European Command, General Tod Wolters, and the commander of the U.S. Transportation Command, General Stephen Lyons, highlighted the security challenges facing their commands.
Lyons called cyber vulnerabilities the “most consequential to the mobility enterprise,” particularly with commercial carriers.
Citing cyber-specific contract language and self-reporting by commercial carriers as indicators of progress, Lyons added that these contractors could not survive a threat from an advanced persistent threat actor.
Ranking Member Jack Reed, D-R.I., asked Lyons if his command could inspect the contractors’ cybersecurity. His command did not have that authority, Lyons said.
Lyons told Sen. Marsha Blackburn, R-Tenn., his command was focusing on resilience and increasing the standards of cyber compliance.
“We very intentionally have multiple providers,” said Lyons, “so that if we lose one, we can count on others.”
The Department of Defense’s Cybersecurity Maturity Model Certification released last month will help improve compliance, Lyons said.