DoDIIS Takeaways: IT Workforce, Partnerships, Interoperability and Data Management

Posted on by Michael Shrader

As the defense and intelligence communities reflect on 2022 and plan for the future, several key takeaways will guide upcoming initiatives. At the Department of Defense Intelligence Information System (DoDIIS) Worldwide, a conference sponsored by the Defense Intelligence Agency (DIA), attendees from the military, industry, government and academia gathered to collaborate and share insights on accomplishing the Department of Defense’s mission.

Agency leaders highlighted that every aspect of the Department of Defense (DoD) and Intelligence Community (IC) is critically enabled by IT. Not only is IT the first-in and last-out function for every crisis, oftentimes IT is the mission, not just a supporting role. The DIA recognizes that to innovate with current technology and invest in emerging tech, the journey to maximum productivity often includes the critical evaluation of processes and programs. With IT, misuses must be corrected, software needs to be transparent to users and technology simplified to promote a seamless integration. In essence, IT should be viewed as an evolution instead of a revolution.

To accomplish these goals, the DIA laid out its five main areas of prioritization for the coming years:

IT workforce retention
JWICS modernization, resilience and autonomy
DoDIIS modernization
International connectivity and partnerships
Capability delivery pipeline with Zero Trust and data management

The first part of this two-part blog series covers the discussions of DoD and IC challenges in relation to IT workforce development and retention, partnerships and interoperability and data management. The second blog will cover the enabling technology being deployed including artificial intelligence (AI), machine learning (ML) and the cloud.

IT Workforce Development and Retention

The DoD and IC have encountered challenges upskilling the workforce and uncovering new talent. To fill the gap in applicants, the DIA and IC have turned to contract hires and those from industry who want to spend only a few years in government. The DIA also offers an Education With Industry (EWI) Program where DIA employees can get joint duty credit while working with an industry partner. In addition, the DIA and National Geospatial Intelligence Agency (NGA) have developed recruiting programs for high schoolers and partnerships with local universities to offer high school internships in hopes of encouraging students to develop interest in a government career.

High competition for talent has increased the need for retention incentives and additional education so agencies can maintain the current workforce. To address these concerns, the DoD and IC have begun modernizing their HR systems and seek to automate HR processes and provide self-service capabilities in hopes of expediting the talent acquisition timeline. Another endeavor includes modernizing training platforms for current employees to keep their skillsets up to date. Investing in continuing-education for these agency subject matter experts is important since they play an essential role in advising commanders and building tech options to address threats. Leadership is looking to academia and industry to source individuals with understanding of the current DoD and IC challenges and the global crises. By pulling from these outlets, the DoD and IC can expedite the process rather than having to train from the ground up with high school recruits. To successfully integrate industry workers into the government sphere, the DoD and IC must adapt to make commercial approaches work as well.

Partnerships and Interoperability

In the realm of defense and intelligence, partnerships and interoperability of technology are key to achieving results that maximize each agencies’ unique capabilities and pool combined strengths. By engaging with other agencies and countries, commanders have access to additional information and options. Investing in these resources offer some resolutions to the DoD’s current challenge of how to rapidly develop new warfighting capabilities while also simultaneously addressing current threats.

These partnerships can make a difference through data sharing, which offers new knowledge to commanders for more informed decision making. To make this information and technology sharing a reality, systems and processes must ensure cross-domain security and allow for interoperability throughout data sourcing countries and agencies. Partnering more significantly with Five Eyes countries (FVEY), will be a major source of increased intelligence as the DIA shifts towards integrating systems. In the near future, any DIA cybersecurity programs that do not align and add value to the FVEY countries will be either adapted or removed.

DoD and IC leaders also hope to collaborate with allies such as the Five Eyes to establish baseline international policies that will open doors for easier parity of information and comparability of systems and technology. Without a universal frame of reference, definitions, and laws, practical progress and innovation is impeded.

Connecting with industry has proven to be another valuable resource as DoD and IC leaders are seeking to better understand the full capabilities of current and emerging technology and gain insight into how industry can solve mission challenges. The DoD and IC desire to foster a culture that values systematic, strategic and equitable private sector engagement as well as addresses barriers to those relationships.

Involving the community through continued conversations and strong alliances provides an integrated deterrent and an advantage over the adversary. While these partnerships have taken a back seat in the past, DoD and IC leaders believe that this needs to be a crucial change and take priority.

Data Management

One of the main cruxes for the DoD and IC is harnessing the power of data. Since everything begins with data, the DoD and IC recognize the responsibility to think and act strategically from data collection to exploitation, dissemination and disposal, and seek to improve current data handling methods. Dr. Stacey A. Dixon, Principal Deputy Director of National Intelligence, believes that developing strategies in the IC to accelerate delivery of that data to those that need it, is the greatest challenge of our time for defense and the IC. Currently the DoD has crossed the limit of data input, overwhelming existing data strategies and making data too siloed, too slow and too hard to find to successfully stay ahead of threats. As the volume of data increases, several measures must be put in place to leverage the wealth of information.

According to DoD and IC officials, the one thing industry and government agencies alike can collectively improve, is interoperability; however, unless data source countries’ systems are secure and the data can be worked together, this cannot be accomplished. Because a large, diverse set of data is needed for good ethics and proper execution, the DoD and IC look to gain increased ability to integrate data across classification levels. Maintaining Zero Trust and consistent monitoring is also critical to freeing the data from other sources.

Over the coming years, the DoD and IC seek to implement widespread data tagging as a foundation for effective data management and quality results. This will allow the combining of commercial and government data to merge with the context and experience that the DoD and IC possess to achieve well rounded, sound decisions.

The Office of the Director of National Intelligence (ODNI) released its IC Data Strategy 2023-2025, which outlines its plans for improving the management and use of data. The strategy aims to leverage data to operate, collaborate and communicate at any time, in any place and in any security domain at speed, scale and securely. To achieve this transformation, the strategy focuses on four areas: performing end-to-end data management, delivering data interoperability and analytics at speed and scale, seeking advanced partnerships for continued digital and data innovation, and transforming the IC into a data-driven enterprise. Finally, it outlines a modular and agile framework that integrates business, functional, technical, security and data standards to provide a blueprint for the use of data in the IC.

Dr. Raj G. Iyer, former CIO for Information Technology Reform, Office of the Secretary of the Army, stated that data will be the new ammunition. At the end of the day, it comes down to enabling optionality for commanders, enabling mission command and enabling a common operating picture. Dr. Iyer emphasized that this is not a technology strategy, but a digital transformation to change operating models and leverage data in ways that U.S. competitors have not.

Utilizing artificial intelligence, machine learning and the cloud will empower these goals. Read part two of this series to find out more.

Check out our Fast Facts and Future Initiatives of the DoD and IC Resource for more information and key insights for the IT industry.

*The information contained in this blog has been written based off the thought-leadership discussions presented by speakers at DoDIIS 2022.*

The Pros and Cons of Low-code in Cybersecurity Environments

Posted on by Joe Peruzzi

In the past, new technology solutions required highly experienced developers to compile certain coding languages, understand specific technologies and utilize specialized software. On top of these challenges, traditional development platforms limited innovation. Now, organizations have a new and improved development option, which can reduce time and costs while increasing customizability, automation and growth, known as low-code platforms.

Low-code can be implemented in various ways, but in the cybersecurity realm, it is often used to automate and streamline processes, such as cybersecurity operations. Low-code platforms allow digital teams to access capabilities and customizable technologies and tools that empower them to quickly produce valuable innovations, applications, and solutions with little to no limitations. Gartner predicts that 70% of new applications will use low-code or no-code technologies by 2025. As a result, application development will shift to allow teams to focus more on assembly and integration rather than development, resulting in improved efficiency, enhanced employee satisfaction and increased productivity.

For the Department of Defense (DoD) cybersecurity professionals, low-code presents an array of benefits and challenges. While it creates agility, simplification and innovation, low-code can also introduce cybersecurity risks and vulnerabilities.

Challenges of Low-Code in DoD Environments

When implementing any new process or platform, the DoD must pay attention to overall security and identify any potential risk factors that could infiltrate the environment. The DoD faces a unique challenge when considering low-code: supply chain management and ensuring the secure execution of low-code to avoid presenting new threats to its organization. For example, borrowing and leveraging unverified code from the internet can cause significant problems among an organization’s platforms. Copying and pasting code without testing it can lead to bugs, errors and inaccuracies that can slow down and harm an environment, creating further security issues.

For cybersecurity and zero trust professionals within the industry, this idea of obtaining and launching bad content is particularly challenging as they strive to protect their organization’s operations. These groups must also be prepared to identify insider threat and guarantee security when utilizing a truly limitless customization of content like low-code. Organizations must ensure new code is protected yet unrestricted. Otherwise, they run the risk of negating the purpose of a low-code platform. Ultimately, the sources and employees creating and executing new low-code must be trusted entities to avoid problems like data leaks, exploitation and cyber-attacks.

Benefits of Low-Code in Cybersecurity

While there are clear risks, the benefits to using low-code solutions continue to make it a desirable cybersecurity option. It offers the flexibility to stay ahead of emerging threats, while simultaneously saving on costs. Ultimately, low-code development enables organizations to keep pace with an ever-changing security landscape.

Respond immediately to emerging threats: Local platforms help an organization to become more agile. Customized low-code content enables organizations to respond quickly when existing security tools may not be able to support the software system and prevent or stop a threat.
Quickly create custom features: The flexibility of low-code within local platforms allows for the creation of features to match the immediate needs of an organization instead of waiting for the release of the latest software which may or may not solve the problem. The progression of low-code implementation increases the longevity and growth of an organization.
Build upon low-code and local platforms to save on costs: A low-code solution along with the implementation of a local platform should be able to fulfill multiple use cases and eliminate various other tools from an organization’s toolbox. Once a local platform is implemented, limitations can be lifted and advancements or replacements can be made to older legacy systems instead of purchasing multiple new tools. This saves costs for security and asset management teams.

Eliminating Risk in Low-Code Capabilities in Cybersecurity Today

The good news for cybersecurity organizations is that they can easily mitigate low-code risks and challenges with proper access controls and a simple deployment process. Any new code created for government customers or internal purposes should undergo rigorous and reliable testing through multiple levels of technical experts within an organization to ensure quality, validity and trustworthiness. Additionally, testing in a simulation of the customer’s intended environment for that code should only be a matter of minutes, ensuring a smooth production process once the code has been executed.

If purchasing a low-code solution from a third-party vendor, organizations should investigate their internal code reviews, Quality Assurance testing and delivery methods to ensure strict standards are being met. Features such as signed content, restricted third party binary executions, and more help ensure an organization can take advantage of the numerous benefits of a low-code platform without introducing risk and vulnerabilities.

The Future of Low-Code

Today’s advanced artificial intelligence-driven technology, combined with natural language processing, enables everyday employees to create complex code by simply asking a question. The local community base within organizations now has the power to heighten efficiency, productivity and creation for their deployments with quicker, more customized low-code content. Low-code and local platform capabilities provide the freedom to create innovative solutions facilitating the growth of their business.

Learn more about secure, low-code cybersecurity solutions like TYCHON at tychon.io.

3 Ways DoD Can Strengthen Network Security and Resilience

Posted on by Brandon Shopp

In October 2022, CISA (Cybersecurity and Infrastructure Security Agency) revealed that multiple hackers had compromised a defense industrial base organization, gaining long-term access to the environment and exfiltrating sensitive data. And those threats are increasing. Since, 2015 the DoD has experienced over 12,000 cyber incidents.

Strong, resilient next-generation networks that protect sensitive data and DoD missions and functions have never been more critical. But, with a complex interconnected information environment, how can federal IT teams strengthen cybersecurity and become proactive instead of reactive? Army leaders have spent much time discussing resilient next-generation networking, but action needs to be taken soon.

To achieve greater network resilience, here are three steps that federal IT leaders can take to prepare for an unpredictable future and safeguard its networks – and those of its contractors – from malicious cyber activity.

Progress the DoD’s “defend forward” strategy

The DoD’s “defend forward” strategy is nothing new. First outlined in the 2018 DoD Cyber Strategy, the initiative is designed to “disrupt malicious cyber activity at its source.” This refers to any device, network, organization, or adversary nation that poses a threat to U.S. networks and institutions or is actively attacking them.

Notably, the strategy shifts DoD and U.S. Cyber Command’s cybersecurity program from reactive to proactive. Rather than detect and remediate threats as they arise, defend forward actively seeks out threats and eliminates them.

U.S. Cyber Command restated its pledge to “defend forward” in October 2022, but it’s principles and standards must be extended across the defense industrial base – the networks and systems that contribute to U.S. military advantages.

Government contractors are held accountable for their cybersecurity practices and choices, but for true resilience, DoD security leaders must establish new standards for information sharing with their private sector counterparts.

In addition to standing by DoD’s pledge to share indications and warnings of malicious cyber activity, DoD must continue to move beyond transactional vendor relationships. Toll-free numbers are not enough for federal CISOs – they need a dedicated, trusted, point of contact within each defense contractor. Someone with whom they can have frequent and honest conversations, conduct deliberate planning, and oversee collaborative training that enables mutually supporting cyber activities.

Embrace AIOps: The next big thing in networking

Powered by artificial intelligence (AI) and machine learning, AIOps is a relatively new approach to network monitoring that boosts resilience by reducing the time it takes to discover issues, detect anomalies, and gives network engineers the context they need to remediate – before a threat materializes.

AIOps-powered observability works by automating the complex task of collecting and analyzing network data across the vast DoD network infrastructure and turning that data into actionable intelligence. With this insight, teams can proactively address network or cyber issues and even predict certain situations – such as signs of network intrusion. A key advantage of AIOps is that it observes remedial action taken and uses these observations to automatically respond to future problems without the need for IT’s involvement – thereby ensuring a more resilient, autonomous network.

Layer in multipath monitoring

Enterprise networks have traditionally been comprised of multiple hub and spoke topologies with linear routing paths and clearly defined traffic flows. But hybrid IT, hyperconverged infrastructure, and modern networking have created complex multipath network environments – any given packet can take any number of different routes, all of which are changing at any moment.

Unfortunately, these multipath topographies can’t easily be visualized using traditional network monitoring tools. There’s simply not enough time in the day to diagram the network, let alone proactively monitor the application traffic and hardware links that comprise it.

The answer lies in finding a network performance monitoring tool that combines multipath monitoring with traditional infrastructure monitoring for greater visibility into network security. Having this insight will allow federal network pros to proactively manage multiple networks, identify issues, and fix them before they get out of hand.

A smarter and more collaborative defense

Network resiliency can be achieved at scale, but it will take a concerted effort. Through greater collaboration between the DoD and private sector, as well as the adoption AIOps-powered observability, the DoD will be better prepared to manage and secure increasingly complex, dynamic military network environments.

To learn more about SolarWinds’ AIOps-powered Hybrid Cloud Observability Solution, click here.

| Carahsoft

Tag Archives: Department of Defense