Unlocking the Power of DoD's Information

Terry Halvorsen, CIO, United States Department of Defense
26
40
10

Walking around the Pentagon, I see an enduring and complex building filled with busy halls and numerous entrances enable efficient access for those who work and visit to come and go as necessary. As headquarters of the Department of Defense (DoD), the Pentagon must provide a secure and effective building for the thousands of people who work here and the millions that they support. This building has proven itself strong enough to withstand direct attack and flexible enough in design to meet the eternally changing requirements of the DoD.

 To unlock the power of our information, our data strategy must be encompassing 

DoD Information Technology is much the same—a complex operational environment that effectively and securely supports our people and mission partners who provide ready military forces needed to deter war and protect the security of our country. The future is one with an unprecedented pace of change in the IT/cyber environment and where the implications of continuous transformation are largely unknown, undefined, and, perhaps, unimagined. Given this, our IT infrastructure must:

  • Adjust to rapidly changing technologies and threat vectors
  • Ensure mission success in the face of cyber warfare by credible and ever-expanding adversaries
  • Enable transparent, real-time, and secure communication
  • Unleash the power of our data by transforming it into real-time actionable information

DoD IT of the future must be a flexible, transparent, and, in many instances, autonomous information eco-system that effectively and efficiently adapts to and supports rapidly changing missions and threat environments. The DoD’s holistic approach to its choice of cyber and IT capabilities willenable on-demand access to vital information through reduced network complexity, greater network visibility, and mission appropriate cyber security to offensively and defensively protect against the full-range of credible adversaries seeking to do it harm.

Reducing Complexity for Increased Operational Impact

Fundamentally, reducing the complexity of DoD’s IT infrastructure will help to increase operational effectiveness, garner greater transparency, and further enhance cybersecurity. The Department is taking an enterprise-approach to do this. The time of stovepiped solutions and capabilities is over. Operational and cost efficiencies are gained with the adoption of enterprise solutions.

As an enterprise network security service for DoD, the Joint Regional Security Stacks (JRSS) are a regionally based, centrally managed suite of commercially available network security appliances that will simplify and secure the current DoD IT environment. Prior to JRSS implementation, DoD had more than 1,000 disparate network security suites on its classified and unclassified networks, supported by separate, individualized, localized Service and Agency systems. At this time, all Services are migrating to JRSS, and the attack surface is rapidly declining - with the end-goal of reducing to approximately 50 points on the network.

Next, the Department’s transition to a single common operating system will improve the Department's cyber posture by establishing a common baseline, reducing the cost of the Department's IT, and standardizing the DoD IT operating systems. This environment enables quicker software patching, and helps keep DoD computers configured to DoD security standards. While this transition is unprecedented in size— impacting more than three million Windows-based desktops, laptops, and tablets, the benefits are evident and all the Military Services are actively moving forward with deployment. Also, adopting a common operating system across DoD will help leverage shared applications and enterprise solutions for areas such as data storage and cloud computing.

Finally, the DoD is pursuing a Hybrid Cloud Environment consisting of a mix of on premise government, and on and off premise commercial cloud services; DoD IT enterprise services; commercial data centers; and more efficient DoD data centers. The benefits of an optimized distributed compute environment are critical to enabling a less complex, more agile and defensible, and less costly IT environment. The department is accelerating cloud adoption with secure access to approved, externally-provided, commercial cloud services for low and moderate-impact missions is critical to our success. Recently, the DoD awarded an onsite managed service contract that will provide an application agnostic, elastic infrastructure, in which programs only pay for what they use. By reducing the footprint—both physical and virtual—security will improve security and costs will be reduced.

Transforming Data into Actionable Information:

While technology is a strategic enabler, we cannot lose sight of the fact that our data is one of the Department’s most vital and strategic assets. The convergence of digital data and the threat environment is upon us. Therefore, the network should both protect and allow appropriate access to the relevant and timely information for real-time decision making. To transform data into actionable information, the value of data must truly be understood.

To unlock the power of our information, our data strategy must be encompassing. Our people, processes, and technologies must be aligned to leverage data as an enterprise asset and to mitigate risk. Part of this is identifying those pieces of data that are no longer relevant—that have expired or surpassed the “use by date”. Data is only as valuable as it is relevant – generally, it does not get better with age. Additionally, data must be classified appropriately— if data is UNCLASS it should be managed and stored as such, reducing overall storage costs.

To maximize the power of information, we truly want to get to an Artificial Intelligence environment that uses automatic and autonomous tools to reveal insights from unstructured data. A platform that can combine, contextualize, and process vast amounts of data offers the Department far-reaching strategic advantages through trend foresight, identification of potential threats, and discovery of unknown opportunities. Actionable information available “at mission speed” enables more impactful and strategic decisions and actions—from business to battlefield. Big data assimilation is being applied in support of operations and cybersecurity.

A seamless, transparent DoD IT infrastructure that transforms data into actionable information and ensures dependable mission execution in the face of the cyber threat will be a force multiplier in the rapidly changing, threat-ridden IT environment. The DoD must leverage industry-proven and enterprise-wide solutions and relevant information to maximize mission effectiveness, increase security, and reduce operational costs. 

Read Also

RSA for Valentine's day, Better than flowers or Candy for this Cyber Girl

Kate Kuehn, Head of Security Practice, BT in the Americas

A Secure Transition to Cloud

Paul Douthit, Director of Cloud Security, CGI Group Inc.

The Security Industry's Largest Blind Spot That We Are Too Afraid to Talk About

Matthew McKenna, Technology Evangelist, SSH Communications Security

Top 2017 Predictions for the Evolving Security Landscape

Chip Witt, Senior Product Manager, Threat Intelligence, HPE Security Research, Hewlett Packard Enterprise