DOD Cyber Architecture Takes Shape - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Government // Cybersecurity
09:06 AM

DOD Cyber Architecture Takes Shape

Military's cyber defense efforts remain a work in progress, officials say.

DARPA Next-Gen Aircraft: Sneak Peek
DARPA Next-Gen Aircraft: Sneak Peek
(Click image for larger view and slideshow.)

Despite years of development, the Defense Department's cyber warfare/defense systems are still a work in progress. The major concern for the department and the individual services is the ability to coordinate both physical and cyber operations securely, while protecting their own networks from attack, officials said.

One of the Defense Department's, and by extension the government's, key cyber security goals is creating truly defensible and resilient networks, explained Navy Admiral Michael Rogers, commander of US Cyber Command and director of the National Security Agency. Speaking at a recent government-industry symposium, he noted that current DOD networks and the civilian Internet were originally designed to move data across long distances between trusted, assured users. This fundamental piece of the architecture is one of the strengths and challenges of the Internet, he said.

But building a defensible architecture on this existing infrastructure presents a challenge, he explained, because it is "hard to defend something where defense is a secondary characteristic."

[Agencies face challenges in hiring top security talent. Read Government Hiring Practices Hamper Cybersecurity Efforts.]

The DOD's key effort to get around this issue and create a secure work space is the Joint Information Environment. When it is complete, the JIE will allow the individual military services to share information seamlessly and conduct operations in a way that cannot be done efficiently in the DOD's current IT architecture. The initial phases of the program are already underway, with US military commands in Europe and Asia shifting their computer networks to the JIE, he said.

Besides creating a new, secure environment, the DOD also needs to know what's going on in its networks in real time. The military is working on creating a situational awareness capability that will allow human and automated defenders to react immediately to intrusions and attacks on military systems.

Things that also need to be worked out are the military's mission roles and responsibilities for cyberspace operations and where they overlap with civilian organizations such as the Department of Homeland Security, he said. Such cross-jurisdictional operations would be necessary if an attack on US national infrastructure were carried out. In such an event, any military actions would be part of a broader response by the US government, he added.

Just as US Cyber Command is working on larger questions of operating authority, the individual military services are wrestling with how best to integrate cyber operations into their mission roles and fitting into the larger national cyber stance. Lieutenant General Edward Cardon, commander of US Army Cyber Command, explained his organization faces issues such as procurement and operational authorization, the disruptive pace of change, dealing with new embedded technologies, and retaining quality personnel. The Army's cyber branch is only about three years old, so it is still working out its role and organizing its capabilities, he said.

To protect its networks better, the Army is deploying a defensive system to detect anomalies in real time. Smart monitoring and mitigation software also goes a long way in providing the service with a degree of situational awareness on its networks. Reiterating some of the issues faced by US Cyber Command, the Army -- like the other services -- can't see all the way into its networks. Cardon noted that the JIE will help the Army more efficiently keep track of what's happening on its networks.

One step that will help the Army and the other services with more situational awareness in cyberspace is to give the Defense Information Systems Agency a more operational role, Rogers said. DISA is already responsible for running and managing the DOD's computer and communications networks, but with the imminent full deployment of the JIE, the agency needs to take a more active role in network operations. To meet this goal, DISA with working with US Cyber Command to create an operational component to run the JIE and its networks.

Find out how a government program is putting cloud computing on the fast track to better security. Also in the Cloud Security issue of InformationWeek Government: Defense CIO Teri Takai on why FedRAMP helps everyone.

Henry Kenyon is a contributing writer to InformationWeek Government. He has covered Government IT and Defense markets since 1999 for a variety of publications including Government Computer News, Federal Computer Week, AFCEA's Signal Magazine and AOL Government. View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Ninja
6/5/2014 | 3:09:18 PM
A delicious, juicy plumb waiting to be plucked
This piece should have included as its conclusion:  Attention CISSP pros, Uncle Sam needs you! But then that's where the civilian military defense contractor sector comes in, the utilization of which does not always equal quality as much as it is highly focused on the cha-ching! factor for the contractor's bank account.


10 Trends Accelerating Edge Computing
Cynthia Harvey, Freelance Journalist, InformationWeek,  10/8/2020
Is Cloud Migration a Path to Carbon Footprint Reduction?
Joao-Pierre S. Ruth, Senior Writer,  10/5/2020
IT Spending, Priorities, Projects: What's Ahead in 2021
Jessica Davis, Senior Editor, Enterprise Apps,  10/2/2020
White Papers
Register for InformationWeek Newsletters
Current Issue
[Special Report] Edge Computing: An IT Platform for the New Enterprise
Edge computing is poised to make a major splash within the next generation of corporate IT architectures. Here's what you need to know!
Flash Poll