The Rundown on DOD’s Cyber, Cloud, and Big Data Priorities

by Lloyd McCoy Jr., Consultant

I recently attended a multi-day AFCEA event highlighting the latest cybersecurity initiatives within the Department of Defense, primarily the Defense Information Systems Agency (DISA) and the U.S. Cyber Command (CYBERCOM). While the conference was mostly focused on cybersecurity, government speakers also spoke openly about what they’re doing in the areas of cloud and big data and analytics. Additionally, this event served as one of the last industry engagements for the Director of DISA, Lt. Gen. Ronnie Hawkins, who will be replaced by Deputy Director, Alan Lynn in late July.

Below I’ve highlighted areas where DISA and CYBERCOM are looking to expand their capabilities in cybersecurity and cloud.

Improving Cybersecurity Posture
The overarching cybersecurity priorities, heard loud and clear from both DISA and CYBERCOM, cover four main areas:

1. Increasing speed to market
2. Reducing and better understanding DOD’s attack surface
3. Developing better cyber ‘hygiene’
4. Using automation wherever possible

DISA spoke extensively about their reorganization, which was designed to get cybersecurity capabilities implemented faster. You can read more on this here. Program managers and leaders at DISA reiterated the common appeal of making sure security is incorporated in the tool before IT vendors present it to them. They don’t want security to be an add-on (and another headache) they have to deal with after the fact as it could compromise security and is time consuming.

Cybersecurity vendors should also take note that reducing access points to the internet as well as the physical infrastructure remain high on the “to-do” list for DOD. Top cybersecurity leaders at Army, Marine Corps, and DISA all asserted that collapsing gives them a better understanding of the assets they have and what they need to defend. Reducing access points to the internet also allows them to consolidate their resources.

Terry Halvorsen, DOD’s Chief Information Officer (and others), emphasized the importance of automation. The Department is looking for solutions that cut down on manual processes wherever possible. This ties into the concerns about insider threats and bad cybersecurity practices by end users.

Leveraging the Cloud

DISA and CYBERCOM leaders outlined the following cloud technology features driving DOD’s cloud implementation and planned acquisition of cloud platforms:

1. Volume, velocity, and value
2. Mission resilience
3. Application hosting
4. Possibility of public/private partnerships (hybrid cloud)

Among other updates, as commercial cloud adoption takes hold, it’s important to note that commercial cloud vendors will not be going through DISA’s internet access points, but through specific gateways designed for commercial interactions. Also, DISA’s own milCloud is growing as more services and applications get migrated over from military departments.  Additionally, DISA is looking into developing a converged platform for the Defense Logistics Agency, Army, and Air Force inside its enterprise data centers. Make sure to check back next week for Part II of this blog post where I’ll provide an update on DISA’s Big Data and Analytics priorities/needs.

If you need help identifying top federal decision-makers and opportunities in cybersecurity and other technology disciplines, contact immixGroup’s industry-leading Market Intelligence team today to learn about specific offices and contacts that have a pressing need for your solution.