Securing the Shipbuilding Supply Chain: A Unified Cybersecurity Enablement Model for Defense Subcontractors
Abstract/Description/Artist Statement
Cybersecurity is no longer an individual firm's concern; it is a critical supply chain issue, particularly within the shipbuilding industry. Currently, shipyards manage hundreds of subcontractors who independently implement cybersecurity compliance (CMMC/NIST 800-171), resulting in duplicated spending across the ecosystem, inconsistent protection of Controlled Unclassified Information (CUI), and significant program delays. Partnering with a cyber security firm, a student consulting team from Old Dominion University’s Strome College of Business (MGMT 490/595) is researching and developing a Unified Cybersecurity Enablement Model designed to transform compliance from a fragmented cost burden into a strategic regional advantage.
The research project utilizes structured consulting frameworks, including hypothesis pyramids and problem disaggregation, to bridge the gap between technical "pain points" and actionable business solutions. Current work focuses on building a "Replication Toolkit" that includes a "Why" deck to communicate cybersecurity's business value to non-technical executives, a stakeholder impact map, and a standardized "How-to" guide for implementation. By transitioning from decentralized compliance to a shipyard-led enablement model, the project aims to reduce subcontractor costs and accelerate compliance timelines. This initiative not only enhances the security of the defense industrial base but also positions regional shipyards as leaders in supply chain innovation
Faculty Advisor/Mentor
Kris Irwin
Faculty Advisor/Mentor Email
kirwin@odu.edu
Faculty Advisor/Mentor Department
Management
College/School Affiliation
Strome College of Business
Student Level Group
Undergraduate
Presentation Type
Poster
Securing the Shipbuilding Supply Chain: A Unified Cybersecurity Enablement Model for Defense Subcontractors
Cybersecurity is no longer an individual firm's concern; it is a critical supply chain issue, particularly within the shipbuilding industry. Currently, shipyards manage hundreds of subcontractors who independently implement cybersecurity compliance (CMMC/NIST 800-171), resulting in duplicated spending across the ecosystem, inconsistent protection of Controlled Unclassified Information (CUI), and significant program delays. Partnering with a cyber security firm, a student consulting team from Old Dominion University’s Strome College of Business (MGMT 490/595) is researching and developing a Unified Cybersecurity Enablement Model designed to transform compliance from a fragmented cost burden into a strategic regional advantage.
The research project utilizes structured consulting frameworks, including hypothesis pyramids and problem disaggregation, to bridge the gap between technical "pain points" and actionable business solutions. Current work focuses on building a "Replication Toolkit" that includes a "Why" deck to communicate cybersecurity's business value to non-technical executives, a stakeholder impact map, and a standardized "How-to" guide for implementation. By transitioning from decentralized compliance to a shipyard-led enablement model, the project aims to reduce subcontractor costs and accelerate compliance timelines. This initiative not only enhances the security of the defense industrial base but also positions regional shipyards as leaders in supply chain innovation