Official Reaffirms DOD Commitment to Cybersecurity
By Army Sgt. 1st Class Tyrone C. Marshall Jr.
American Forces Press Service
WASHINGTON, Sept. 25, 2012 The Defense Department remains vigilant and committed to cybersecurity, especially since its cyber operations present a target for hackers, a senior Pentagon official said here today.
Speaking at the Telework Exchange’s fall town meeting, David L. DeVries, the Defense Department’s deputy chief information officer for joint information enterprise, said the department is an attractive target for potential cyber attacks, due in part to its size.
“DOD is a large magnet for the security vulnerability side of the house,” he said. “Just like they would like to hack into Wall Street or a financial institution, they would also like to hack into the Department of Defense and other federal agencies here.”
Defense Department officials take cybersecurity very seriously, DeVries said, and that creates pressure on the department’s information technology personnel to stay vigilant.
“It gets exponentially more complex to ensure the security of the whole thing,” he said. “And that’s why I have to keep security at the [forefront].”
DeVries said when he turns on his personal computer at home, it automatically seeks updates from Microsoft and implements those changes. “So Microsoft is keeping track of my computer for me,” he said. “And it’s saying, ‘Hey, I found something and I updated this thing. You need to do this now, Mr. DeVries.’ So I … say, ‘OK, do it.’”
As the Defense Department moves away from laptops and personal computers and toward smart technology, DeVries said, officials face a difficult challenge. “There are more vendors with these [smartphones] that we’re trying to get connected into the network than we can possibly keep track of,” he said.
To police this issue, he added, rules and policies have been published.
“We’re now starting to enforce it,” he said. “I’m looking at it from an end-device capability: Are you complying with the measures I’ve put forth?”
DeVries said he was shocked when he learned, during an earlier panel, of a general lack of security for personal information when people use smartphones.
“What’s amazing is, I thought everything I bought was checked out,” he said, waving his smartphone. “So I thought all those [applications] were checked by somebody.”
A panelist in the earlier discussion said he had a report that said 80 percent of the apps on his smartphone are not compliant with security requirements, DeVries said.
“[This is] my personal stuff I’m worried about there, and now I’ve put it into my workspace. … That’s a scary thought,” he added.
Some companies work with the business world to make sure that their apps and operating systems are secure, DeVries said.
“Other vendors are more worried about, ‘I just want to be open to everybody out there from the teenager all the way up to the grandfather,’” he added.
DeVries said the Defense Department already has taken certain precautions.
“So we published our mobile strategy, and again, with a corporation the size of DOD, we’re going a little bit slow,” he said.
“I can’t keep up with how fast this stuff gets on the street,” he continued. “But I do know I have to protect the data that resides inside DOD -- No. 1, because people’s lives are at stake, and 2, the defense of the nation is at stake. So I take this seriously.”