Successfully Executing Today's and Tomorrow's Missions for the Defense Department in the Face of a Persistent Cyber Threat

Terry Halvorsen, CIO, United States Department of Defense

The Department of Defense (DoD) stands at a crossroads, facing a future that is fast moving, connected, and highly contested. Technology is advancing rapidly. The Department’s adversaries are relentless and use both traditional and non-traditional methods; DoD is attacked every day in cyberspace. This connectivity impacts not only the computers and networks that the DoD military, civilian, and contractor workforce uses every day, but also the vital IT underpinnings of the military’s planes, facilities, tanks, and more. This workforce deserves a seamless, transparent technology infrastructure that transforms data into actionable information and ensures dependable mission execution in the face of this persistent cyber threat.

If the DoD were a corporation, it would be at the top of the Fortune 100; no organization has a broader mission or scope. Comprised of 1.3 million men and women on active duty and 742,000 civilian personnel, plus 826,000 who serve in the National Guard and Reserve forces, DoD is the nation's largest employer. It operates globally at several hundred thousand individual structures, with work streams that vary from acquisitions, to command and control, to global logistics, to health and medical care, to intelligence, to facilities management, each with a role in cybersecurity.

From business to the battlefield, the Department is focused on foundational changes that will modernize and integrate the DoD IT infrastructure to enhance its cybersecurity posture in a more enterprise, coordinated, secure, and cost-effective environment. Exploiting proven, yet game-changing, technologies being developed by industry, government, and academia, progress will continue to optimize DoD’s IT infrastructure and continue to protect our people, our networks, facilities, and our weapons systems through mission-appropriate cybersecurity.

Attempts at cyber intrusions by state and non-state actors have increased dramatically in recent years. Mission-appropriate cybersecurity is critical to dependable mission execution. To achieve this, DoD must fully understand mission risk due to dependence on cyber capabilities, implement technical and operational mitigations where needed, and thoughtfully accept an appropriate level of risk. Industry partnership will be vital to this success, including close collaboration and active communications.  

The Department is raising the level of individual performance and awareness in cybersecurity; this is called “Cyber Basics.” The DoD Cybersecurity Discipline Implementation Plan is the foundational document behind this drive to improve cyber basics.

It focuses on four main lines of effort:

1) use strong authentication;
2) harden devices to securely configure all devices, and improve patching practices;
3) reduce the attack surface to ensure every Internet-accessible Website is protected and in a demilitarized zone, and separate Internet-facing sites from private sites; and
4) defend every computer to ensure that every DoD computer is monitored by what is called a Computer Network Defense Service Provider.

The Cybersecurity Discipline Implementation Plan is supported by a Cyber Scorecard that measures the progress of DoD Components on the path to executing the plan. The results of the DoD Cyber Scorecard are reported regularly to the Secretary of Defense, and they are already driving success.

Cybersecurity is also being incorporated into how DoD’s diverse infrastructure is designed and acquired. For new programs, DoD acquisition teams are ensuring that programs as diverse as new buildings, planes, tanks, and ships are designed for the cyber needs of today and for the capabilities of tomorrow. To better protect its current infrastructure, DoD is assessing where gaps and vulnerabilities exist and implementing remediation activities. This leverages the approach that there is no such thing as a closed system: if something has a computer, it is at risk.

Realizing the benefits of greater cybersecurity, standardization, security, and cost savings that result from enterprise-level capabilities, DoD is transitioning more than four million Windows-based desktops, laptops, and tablets to a common operating system, Windows 10. This will enable the Department to leverage common applications and enterprise solutions, and ensure quicker software patching that will help consistently keep software secure and configure all computers to DoD’s security standards. The move will also posture DoD to go to the next step in using cloud computing technology to improve efficiency and security. The Department’s goal is to ensure that DoD moves as rapidly as possible to gain the benefits of this transition, while minimizing its impact on DoD personnel and missions. This unprecedented transition to a standard, DoD-wide operating system will require some legacy programs to modernize their systems. In some cases, DoD may implement Windows 10 without all of the features until hardware is modernized. This still improves overall cybersecurity.

Another way that DoD is modernizing and integrating networks and systems, and improving operational techniques and tactics, is through the IT modernization concept known as the Joint Information Environment (JIE). One of the discrete elements of JIE, and a near-term priority for the DoD CIO, is the Joint Regional Security Stacks (JRSS). JRSS addresses the immediate need to defend the cyber war fighting domain. It is a globally implemented, centrally managed suite of network security appliances that standardize and secure the current DoD IT environment and drive cost-effectiveness due to “sun-setting” local network security protections and duplicative network security infrastructures. JRSS will provide a baseline for a more coherent, singular security architecture for the DoD cyber defenders, as it will shrink the attack surface to about fifty points on the network, from the current level of more than one thousand disparate network security suites on its classified and unclassified networks.

As JRSS enables global synchronized network operations, no single DoD Component will have to solve cybersecurity issues on its own. JRSS will also allow the cyber and network defenders to better understand how traffic flows by improving enterprise-wide visibility into the Department’s network traffic. This will allow for prompt detection of vulnerabilities to enable quicker, more effective responses to cyber threats. The U.S. Army began its migrations to the JRSS last summer, with the U.S. Air Force and the U.S. Navy migrating users this summer.

Innovative, agile, effective, efficient, and capable in defensive and offensive capabilities: these have long been the characteristics of Warfighters on the battlefront. As the Department faces a battle space that includes cyber, its IT infrastructure is being held to the same standards.
