Defense Logistics Agency Troop Support Subsistence supply chain enlisted the help of five students from the University of Virginia’s Hacking for Defense course to communicate new Department of Defense information security requirements and resources to food industry partners.
The Hacking for Defense coursework provides university students an opportunity to work with DOD and the intelligence community to address the nation’s cybersecurity threats and security challenges.
The students, with no cybersecurity background and zero knowledge of DOD operating practices, got the ball rolling after receiving mountains of documents to review, numerous candidates to interview and loads of questions for their project sponsor, Brian Pippert with DLA Information Operations cyber resilience integration office.
“First, we had to try to figure out why cybersecurity even matters and how to help others understand it in a more digestible way,” Joan Lee, a senior Global Security and Justice major said. “Mr. Pippert encouraged us to do a case study on food. He said, ‘figure it out. If you can’t feed troops, which is a life or death matter.’ From the beginning, this was an easy way to just talk about the beauty and nature of cybersecurity, its implementation and why it matters.”
With a renewed understanding of the project, the guidance of Pippert and their professor, the students commenced their semester-long task.
Sophomore Government major Maxwell Halbruner said, “For this project, we interviewed about 15-16 people. During the interviews we worked to ascertain precisely their role and try to feel them out to see if the problems that we had identified with in terms of cybersecurity they were feeling.”
“For the problems that they were not feeling we would just change our strategy,” Halbruner said.
Once the problem statement was agreed upon by all parties, the team of five focus shifted to how to best provide this information to the Subsistence supply chain industry partners.
“In order to improve cybersecurity in the supply chain, we needed to let the companies figure it out themselves but we also needed to help them by providing them the information that they needed,” Halbruner said. “The requirements where already out there for the companies to improve their cybersecurity but the individual companies did not know about them.”
As the problem became clearer to the students, they utilized a unique methodology to identify their proposed solutions to their problem statement.
“We learned that we were getting a concrete problem out of a really obscure problem,” Nicholas Atter, senior, Economics major said. “Fixing cybersecurity is a kind of up in the air type of problem. We managed to narrow that down and provide a solution to that problem.”
“We conducted our research, came up with different recommendations that could potentially solve these problems, reviewed metrics to see how well the problems would be solved with our solutions and then we put together our presentation,” Atter said.
A problem-solving process, the project sponsor considered quite different from how he does things in his line of work.
“The Hacking for Defense methodology is quite different from how we look at problem in the J6 world right now,” Pippert said. “It is a different approach, where you separate the solution space from the problem space. You really work to clearly define the problem and tease out different possible solutions from there.”
At the end of the semester, the students presented their findings to Troop Support leadership and staff members at the Pentagon.
“By generating measurements of success to a concrete problem, we, as a group, generated three recommendations for the DLA. These solutions were additions to contracts, a chatbot, and training modules. We sought to input the full text of the critical clauses pertaining to cybersecurity into a contract to ensure contractors could identify important terms,” Seneca Tsang, senior, Cognitive Science major said. “We recommended a chatbot to help field questions in a more efficient manner. We also suggested inserting training modules on cybersecurity and available resources to contractors into the application process via an opt-out procedure.”
Pippert stated that this was DLA’s first project completed by the Hacking for Defense students and considers the students work beneficial to the organization.
“The benefits of bringing on college students is that they really brought in a fresh perspective than people of my age, the 50 plus group,” Pippert said. “Their ideas were new and aligned with technology in terms of the things that are happening in today’s world and the way people are interacting with technology a lot more.”
The Subsistence leadership team has already implemented one of the student’s recommendations and is currently working with Pippert’s team and other departments to implement the others recommendations in the very near future.
“We needed to do a better job of educating and communicating our requirements in the solicitations to our contractors. To fix this, Subsistence has already incorporated a new strategy for their industrial days or pre-solicitation conferences to present this information to all of the offers at that juncture. The other items that the students recommended was changing the wording in the solicitations to spell out all the requirements instead of providing a link to a reference,” Pippert said. “Some of the other ideas will take a little longer to implement like adding a chatbot to the DLA public website for contractors to ask questions using artificial intelligence and provide the capability to capture all of the questions and answers making them available to all of the offers. More education was another thing, so we are working with the J1 to develop training for our contractors that would be made on available on the DLA public website as well.”