Panelists will discuss the feasibility and suitability of a cybersecurity threat hunting program on Defense Industrial Base networks, as envisioned by the FY21 National Defense Authorization Act. Such an initiative, which would be intended to identify cyber threats and vulnerabilities within the defense industrial base, is fraught with challenges: Would the threat hunting be conducted by the company, the government, or an outside vendor? How would a company’s proprietary data, metadata, and PII be protected? How will companies be protected from liability if mitigation measures or incident reporting impact contract execution or result in disclosure of third-party data? Speakers will address ways in which defense contractors can identify cyber threats effectively while minimizing business and performance risks.