Cyber Effort Under Way to Safeguard Infrastructure, Official Says
By Army Sgt. 1st Class Tyrone C. Marshall Jr.
American Forces Press Service
WASHINGTON, Feb. 28, 2013 The Defense Department continues to work toward transformation into a joint information environment with defense industry and interagency partners, a senior DOD official said here today.
Robert J. Carey, the Defense Department’s principal deputy chief information officer, discussed the government’s information technology efforts to protect the nation’s cyberspace during a panel at the 12th annual AFCEA Homeland Security Conference.
“The information sharing and collaboration with both the interagency and industry -- specifically with our defense industrial base program -– is really starting to take off,” he said.
During his annual State of the Union address, President Barack Obama announced a new cybersecurity policy intended to establish a framework for a voluntary process for defense industry and government agencies to share information regarding cyberattacks and potential security risks to the nation’s critical infrastructure.
“We have about 75 percent of our ‘spend’ covered by companies in the program, which is significant,” Carey said. “We also have about 75 companies now in the program. We are really making great strides in ensuring the defense industrial base is moving information back and forth across the perimeters, and we are sharing with them to raise the security bar.”
This huge transformation of becoming a joint information environment is gaining speed and momentum, he said.
Though the U.S. cyber environment is huge, the ability to standardize, consolidate, secure and enable access from anywhere and with any device is growing, Carey said. “We are on that path, and we have all the services marching with us to deliver that outcome,” he added. “So that’s a huge success for us.”
Carey also listed priorities for the future of the Defense Department’s information sector.
“[One of] the top ones that come to my mind is continuing to roll out this joint information environment architecture,” he said. “And what I mean by that is the [specifications] and standards that the military services will then drive their networks to as they do tech refresh.”
Another priority is dealing with a cyber environment that contains a great deal of redundant security infrastructure that doesn’t provide any value, Carey said. “But it was set up to wall off an enclave,” he added, “and we can take it out.” Officials are working to roll in continuous monitoring, he added, to automate the detection of anomalous behavior, enabling them to attack and dispose of threats rapidly.
Carey said the third priority is providing command and control to the U.S. military to enable enhanced communications for an environment that will be a “very different environment in three years than it is today.”
“To move [communications] down to a dismounted soldier from a squad, company or platoon is a very difficult feat,” he said, “but the benefits that we gain are tremendous.”
Carey also cited “building out” DOD’s mobility capabilities, allocating satellite communications, taking advantage of commercial technologies, third-party software, and an ecosystem built out by the Defense Information Systems Agency.
“Cloud technologies are going to play into the end state of the joint information environment, which will enable us the access to this ubiquitous information in DOD,” he added.
Carey also noted the budget has been a powerful catalyst for action.
“The question is … ‘How do you get everybody going in that similar direction when sort of pinched in the wallet?’” he asked. “But moving towards a more centralized environment, taking control of the legacy that’s been around for years and years and years, and then moving the organization in that positive direction -- that’s really the difficulty.”
Lastly, Carey said he sees the joint information environment workforce -- the people who run, operate and defend the network on behalf of national security -- as a critical resource for the future. It will be important, he said, to move them from the older lexicon of information technology to the cyber workforce, and to align the skills, training and standards that they need to succeed now and in the future.
“That’s a moving and evolving journey for the 230,000 people that do it on our behalf,” Carey said. “So I imagine [that in] the future we have a far more capable workforce on a far more accessible network that has a dramatically reduced risk to cyber security threats.”