News   Defense News

Summit Highlights DOD's Cybersecurity Initiatives, Challenges

Oct. 8, 2021 | BY Terri Moon Cronk , DOD News

Some of the cybersecurity challenges the Defense Department faces and some of its key initiatives include the highlight of a fireside chat at the Billington CyberSecurity Summit.


David McKeown, DOD's chief information security officer and deputy chief information officer, explained that seven "pillars" make up DOD's cybersecurity architecture.

"The priority of all of the pillars working together, or in harmony, is that we're able to detect advanced persistent threats trying to attack our network, advanced persistent threats that have successfully hacked our networks and their lateral movements inside of our networks," he said.

While DOD has historically been very good at perimeter defenses, it has a lot of tools that it has deployed, McKeown said. "We're successful with 99.9% of all attack vectors. But there is this advanced capability that nation-state actors have [in which] they can get a foothold through a variety of means — phishing, brute force attacks on vulnerabilities that are on servers, web attacks and hacking the code," he said. "And once they get a foothold, what we've found over time is we have to struggle to find them and then finally, eradicate them from an app on the network and have confidence that they're gone from the network." 

A service member works on a cyber-attack simulation.
Computer Work
Air National Guard Staff Sgt. Brandyn Mowers, of the 112th Cyberspace Operations Squadron, works on a cyber-attack simulation at Horsham Air Guard Station, Pa., Jan. 9, 2017. The 112th COS will serve the Department of Defense information network and will be focused on Air Force defensive support in the U.S. and other countries, in addition to governor-tasked operations.
Photo By: Air National Guard Tech. Sgt. Andria Allmond, Air National Guard
VIRIN: 170109-Z-SO401-010M

DOD cybersecurity, McKeown said, has always turned to industry for great solutions with new technologies. "We're also looking to them when they build a new operational technology [to include] cybersecurity and the censoring that we're going to need to protect devices," he added.

DOD is also looking at cybersecurity solutions that it can purchase at scale from vendors, he noted.

"We're actively looking at where we can partner with industry on those solutions to overlay on top of whatever our network infrastructure is," McKeown said.

"We do need to partner with industry, so that they can help us provide better security solutions," he emphasized. "In the area of cloud, we've spent a great deal of time [and] our journey to the cloud has been pretty strong of late. We've migrated a vast majority of our users there, we've partnered with Microsoft to work on the security concerns over time, and we continue to work on those." 

A Navy cyber engineer gives a cyber security briefing.
Cyber Briefing
Chuck Campbell, a Naval Surface Warfare Center Dahlgren Division cyber engineer, briefs USS Secure and cyber capabilities at the second DOD Lab Day at the Pentagon, May 18, 2017. USS Secure is a multi-enclave test environment that enables the Navy's development, evaluation and testing of cyber security concepts and technologies to defend mission critical systems at sea and ashore.
Photo By: Photo courtesy of Naval Surface Warfare Center Dahlgren Division
VIRIN: 170519-N-XI753-005

DOD will continue to adopt what industry is putting out, he noted, adding the department does need the help to "bake in" cybersecurity and not have it as an add-on feature for an additional price.

For DOD's strategic cybersecurity program, adoption of all of the different technologies that industry has to offer is definitely on our radar, McKeown said. "We want to meet with industry, we want to know what they have, but we do want them to be cognizant of the fact that we really kind of demand a secure solution coming in the door."