The U.S. Air Force’s chief of information dominance says contractors and their suppliers are being held to a “higher standard” when it comes to defending against cyber espionage than in years past, as modern, digitally dependent weapons such as the Northrop Grumman B-21 bomber enter development.

Russian and Chinese hackers and sometimes even company insiders are known to have stolen state secrets relating to the Lockheed Martin F-35, Boeing C-17 and other major weapon systems by accessing vulnerable networks in the supply chain. It is generally accepted that China’s Shenyang J-31 and Chengdu J-20 fifth-generation combat aircraft are derived from stolen U.S. technology, and swiped information is also used to create weapons that undermine American advantage.

Speaking at a Defense Writers Group forum in Washington on July 7, Air Force chief information officer Lt. Gen. William Bender says the industrial supply chain remains an area of “deep interest and concern” and the Air Force is taking a “deeper look” into who is supplying parts and materials and what vulnerabilities could exist. “It’s not just primary vendors, it’s secondary, tertiary and even further down,” he says.

Bender says the B-21 team, like all major weapons system developers, must recognize that “the threat is real” and that it needs to be fully understood, discussed and acted upon. He says a network “resiliency effort” is under way within Air Force Materiel Command and the various program offices to better protect sensitive information from cyber hacking. The B-21 project is managed by the secretive Air Force Rapid Capabilities Office.

Resilience initiatives also target legacy aircraft – many of which predate cyber warfare as we know it today.

“We have to go back in time and try to address known vulnerabilities,” Bender says. “We have a robust plan to get into those platforms as aggressively and with as much as we can afford, and as soon as we can get there. It’s what we would call bolt-on cybersecurity.”

Bender says patching or hardening older weapons against cyber threats presents a “large bill” and 100% compliance might not be affordable. The force will need to accept some “resiliency factor,” he says.

The Air Force will lean on public-private partnerships when it comes to cyber protection, as it cannot attract the same number of tech experts as Silicon Valley-type tech hubs.

As the service grapples with its own security needs, it is also ramping up support for U.S. Cyber Command (Cybercom), which employs digital weapons at an operational level while also defending mission-critical military networks associated with the air and missile defense, nuclear and space enterprises, among many others. Cybercom plans to stand up 133 fully operational cyber mission teams by the “end of fiscal 2018.” As of April, 68 of those teams had reached initial operating capability and another 27 were fully operational. The cyber mission force is authorized to grow from 4,990 people today to 6,187, with personnel drawn from all of the services and U.S. Coast Guard.

The Air Force is committing 1,715 airmen to 39 cyber teams, but Bender is also advocating for an organic cyber force that can sweep its own networks and installations. He says the “devil is in the detail” when it comes to protecting Air Force assets.