The Department of Defense’s recently released Cloud Strategy covers a lot of territory, from an emphasis on the multibillion-dollar Joint Enterprise Defense Initiative as a foundation of its plans to its description of seven strategic objectives it wants to achieve in the cloud. One of those objectives is to extend tactical support to warfighters at the network edge, giving units in the field the technology and tactical information they need to operate on a battlefield where seamless communications are essential and where cyber operations and electronic warfare are an increasingly important factor.
And a crucial element of extending the cloud to the tactical edge is endpoint security (protecting the devices in the hands, on the dashboards, and otherwise at the fingertips of warfighters), which is something that is still very much in the works.
The Cloud Strategy, which was developed with the DoD’s Cyber Strategy in mind, was released Feb. 4, touting cloud’s ubiquity in the global infrastructure and the importance of being able to “process data at the ready.” The strategy calls for unifying cloud efforts involving multiple vendors and developing general purpose and fit-for-purpose clouds, which will make data easily accessible to units in the field. But that data also has to be secure.
The day after the strategy was released, the Defense Information Systems Agency (DISA) convened a three-day Endpoint Security Summit at Fort Meade, Md., to outline the challenge for 250 DoD endpoint security subject matter experts, system administrators, analysts, and users, and to discuss endpoint security as essential to modernization efforts.
“There is an urgency to secure our networks effectively in a way that leverages efficiencies,” Navy Rear Adm. Kathleen Creighton, deputy commander of Joint Force Headquarters – DOD Information Network (JFHQ-DODIN), said at the summit. “We have to get beyond ‘we have to do it our way.’ We have to get to a common way – a common set of standards, so that we can secure the entirety of the DODIN.”
Creighton urged the attendees to take a holistic view of cloud-based operations, combining the overarching strategic policy with the real-world, endpoint operational requirements of combatant commanders. “You’re going to need to figure out how all of these things interconnect and how they relate to your organization,” she said.
In a broad sense, endpoint security refers to extending the same protections that exist within a traditional network environment to remote and/or wireless devices that, by connecting to the network, establish network nodes and often points of vulnerability. That can include laptops, smartphones, sensors, and other devices whose numbers are rapidly growing. In the same way that civilian agencies are grappling with securing smartphones and other mobile devices at home, the DoD needs to modernize its processes and, in a world where adversaries are also concentrating on digital warfare, do it quickly.
“We have to start moving faster,” Carmen Santos-Logan, of the Office of the DoD CIO, said at the summit. “We haven’t modernized our end user security platform. Now we have to move out and figure out where we’re going,” she said.
One aspect of endpoint security is combining physical and software-based protections in devices used at the network edge, which was the focus of a session at the AFCEA TechNet conference last August in Augusta, Ga., on cyber electromagnetic activities. Security experts have also touted the advantages that machine learning can bring to mobile devices by monitoring constantly for behavioral anomalies and other signs of intrusion.
The Defense Advanced Research Projects Agency, meanwhile, is looking to ensure that data being shared in a cloud system can always be tracked, with its Guaranteed Architecture for Physical Security (GAPS) program.
DISA said it plans to keep the brainstorming on endpoint security going through weekly meetings of the DOD Endpoint Security Operational Working Group. Melissa Simpson, deputy chief of JFHQ-DODIN’s Cyber Fusion Operations Team, said continued collaboration among DISA, the DoD CIO’s Office, the U.S. Cyber Command, and JFHQ-DODIN “is vital to the development of an endpoint security strategy and enterprise capability.”