In October 2022, CISA (Cybersecurity and Infrastructure Security Agency) revealed that multiple hackers had compromised a defense industrial base organization, gaining long-term access to the environment and exfiltrating sensitive data. And those threats are increasing. Since, 2015 the DoD has experienced over 12,000 cyber incidents.
Strong, resilient next-generation networks that protect sensitive data and DoD missions and functions have never been more critical. But, with a complex interconnected information environment, how can federal IT teams strengthen cybersecurity and become proactive instead of reactive? Army leaders have spent much time discussing resilient next-generation networking, but action needs to be taken soon.
To achieve greater network resilience, here are three steps that federal IT leaders can take to prepare for an unpredictable future and safeguard its networks – and those of its contractors – from malicious cyber activity.
Progress the DoD’s “defend forward” strategy
The DoD’s “defend forward” strategy is nothing new. First outlined in the 2018 DoD Cyber Strategy, the initiative is designed to “disrupt malicious cyber activity at its source.” This refers to any device, network, organization, or adversary nation that poses a threat to U.S. networks and institutions or is actively attacking them.
Notably, the strategy shifts DoD and U.S. Cyber Command’s cybersecurity program from reactive to proactive. Rather than detect and remediate threats as they arise, defend forward actively seeks out threats and eliminates them.
U.S. Cyber Command restated its pledge to “defend forward” in October 2022, but it’s principles and standards must be extended across the defense industrial base – the networks and systems that contribute to U.S. military advantages.
Government contractors are held accountable for their cybersecurity practices and choices, but for true resilience, DoD security leaders must establish new standards for information sharing with their private sector counterparts.
In addition to standing by DoD’s pledge to share indications and warnings of malicious cyber activity, DoD must continue to move beyond transactional vendor relationships. Toll-free numbers are not enough for federal CISOs – they need a dedicated, trusted, point of contact within each defense contractor. Someone with whom they can have frequent and honest conversations, conduct deliberate planning, and oversee collaborative training that enables mutually supporting cyber activities.
Embrace AIOps: The next big thing in networking
Powered by artificial intelligence (AI) and machine learning, AIOps is a relatively new approach to network monitoring that boosts resilience by reducing the time it takes to discover issues, detect anomalies, and gives network engineers the context they need to remediate – before a threat materializes.
AIOps-powered observability works by automating the complex task of collecting and analyzing network data across the vast DoD network infrastructure and turning that data into actionable intelligence. With this insight, teams can proactively address network or cyber issues and even predict certain situations – such as signs of network intrusion. A key advantage of AIOps is that it observes remedial action taken and uses these observations to automatically respond to future problems without the need for IT’s involvement – thereby ensuring a more resilient, autonomous network.
Layer in multipath monitoring
Enterprise networks have traditionally been comprised of multiple hub and spoke topologies with linear routing paths and clearly defined traffic flows. But hybrid IT, hyperconverged infrastructure, and modern networking have created complex multipath network environments – any given packet can take any number of different routes, all of which are changing at any moment.
Unfortunately, these multipath topographies can’t easily be visualized using traditional network monitoring tools. There’s simply not enough time in the day to diagram the network, let alone proactively monitor the application traffic and hardware links that comprise it.
The answer lies in finding a network performance monitoring tool that combines multipath monitoring with traditional infrastructure monitoring for greater visibility into network security. Having this insight will allow federal network pros to proactively manage multiple networks, identify issues, and fix them before they get out of hand.
A smarter and more collaborative defense
Network resiliency can be achieved at scale, but it will take a concerted effort. Through greater collaboration between the DoD and private sector, as well as the adoption AIOps-powered observability, the DoD will be better prepared to manage and secure increasingly complex, dynamic military network environments.
To learn more about SolarWinds’ AIOps-powered Hybrid Cloud Observability Solution, click here.