GSN Magazine June 2016 Digital Edition
DOD’s “Immune System” strategy for Cyber Security

By Lloyd McCoy Jr.

The Department of Defense (DOD) wants to combat cyber-attacks the same way the human body’s immune system uses layered defenses to protect key functions. The idea comes from the military principle that it’s harder for an adversary to overcome an intricate and multilayered defense than a single obstacle.

This defense-in-depth strategy dominated the 2016 AFCEA Defensive Cyber Operations Symposium, held in Washington, DC this past April. Senior DOD leaders shared details about the programs and initiatives driving cyber requirements and shaping what the Department will need from industry.

Understanding how this time-honored military doctrine applies to cyber security and how it all fits together to form a single security architecture is critical to anticipating where cybersecurity procurements will be concentrated.

The Outer Layer

The first layer, or outer layer, is what the DOD sees as perimeter defense of the DOD Information Network (DODIN). As the first line of defense for DOD against external attacks, cybersecurity capabilities here have to be especially robust. The department will be looking for technology companies that have cross-domain and risk management solutions.

The growing prevalence of cloud technology in the DOD enterprise applies here as well, especially when DOD data is hosted in a commercial cloud environment. Companies bringing a commercial cloud solution to DOD should be aware of the Cloud Access Points (CAP), since any sensitive data will need to traverse them before entering or leaving DOD’s network. Being aware of what the CAPs look like is important since they’ll require some customization. Plus, IT solutions that work seamlessly with the CAPs will have a leg up on competitors that don’t.

The Middle Layer

The second layer focuses on threats and vulnerabilities within the network itself. The most notable initiative within this layer is DOD’s Joint Regional Security Stacks, which are replacing what used to be localized security stacks. They cut down the number of threat vectors in the DODIN and improve its view of what’s happening inside, making it easier to identify a weakness and shore up boundary defenses for individual portions of the network. Analytics solutions are much needed here, given the situational awareness that effective security at this level will bring to bear. Also, within this aspect of cyber defense, DOD will need to limit the ability of successful infiltrators to move around in DOD’s network, so authentication tools will be in demand.

The Inner Layer

The last layer is synonymous with endpoint protection. These are desktop computers and mobile devices, numbering in the millions, operating within the Department. The requirements for endpoint protection will revolve around device