GSN Magazine June 2016 Digital Edition

DOD’s “Immune System” strategy for Cyber Security

By Lloyd McCoy Jr.

The Department of Defense (DOD) wants to combat cyber-attacks the same way the human body’s immune system uses layered defenses to protect key functions. The idea comes from the military principle that it’s harder for an adversary to overcome an intricate and multilayered defense than a single obstacle. This defense-in-depth strategy dominated the 2016 AFCEA Defensive Cyber Operations Symposium, held in Washington, DC this past April. Senior DOD leaders shared details about the programs and initiatives driving cyber requirements and shaping what the Department will need from industry.

Understanding how this time-honored military doctrine applies to cyber security, and how it all fits together to form a single security architecture, is critical to anticipating where cybersecurity procurements will be concentrated.

The Outer Layer

The first layer, or outer layer, is what DOD sees as perimeter defense of the DOD Information Network (DODIN). As the first line of defense for DOD against external attacks, cybersecurity capabilities here have to be especially robust. The department will be looking for technology companies that have cross-domain and risk management solutions.

The growing prevalence of cloud technology in the DOD enterprise applies here as well, especially when DOD data is hosted in a commercial cloud environment. Companies bringing a commercial cloud solution to DOD should be aware of the Cloud Access Points (CAP), since any sensitive data will need to traverse them before entering or leaving DOD’s network. Being aware of what the CAPs look like is important since they’ll require some customization. Plus, IT solutions that work seamlessly with the CAPs will have a leg up on competitors that don’t.

The Middle Layer

The second layer focuses on threats and vulnerabilities within the network itself.
The most notable initiative within this layer is DOD’s Joint Regional Security Stacks, which are replacing what used to be localized security stacks. They cut down the number of threat vectors in the DODIN and improve its view of what’s happening inside, making it easier to identify a weakness and shore up boundary defenses for individual portions of the network. Analytics solutions are in high demand here, given the situational awareness that effective security at this level will bring to bear. Also, within this aspect of cyber defense, DOD will need to limit the ability of successful infiltrators to move around in DOD’s network, so authentication tools will be in demand.

The Inner Layer

The last layer is synonymous with endpoint protection. These are desktop computers and mobile devices, numbering in the millions, operating within the Department. The requirements for endpoint protection will revolve around device hardening, virtualization, workforce mobility, and lightweight, agile security tools that work on different operating systems and are built on open standards.

Clearly, DOD cyber security spending, projected to be about $7 billion in fiscal year 2017 according to budget documents, will continue to stay healthy for the foreseeable future. As cyber security strategies and procurement efforts become more formally structured around this layered defense approach, it’s important to remember that a single solution doesn’t exist in a bubble. With multiple layers involved (and even more vendors), the need for interoperability is here to stay and should be part and parcel of any solution.

Addressing local DOD security challenges is important, of course, but any solution should also support and enhance DOD’s overarching defense-in-depth strategy. DOD C-level executives, along with the program managers controlling the dollars, don’t have it all figured out, so continual dialogue and engagement between industry and government is critical.

Lloyd McCoy Jr. is a market intelligence consultant with immixGroup, an Arrow company that helps technology companies do business with the government. Lloyd focuses on Defense Department agencies, as well as public sector cyber security. He can be reached at or connect with him on LinkedIn at in/lloydmccoy