The persistent threat of cyber attacks has been a top concern for the Department of Defense in recent years. Now, as the Pentagon moves forward with a zero trust approach to cybersecurity, DOD leaders are paying close attention to implementing security not just at the enterprise level, but also at the tactical edge, where threats are notably increasing.
Security at the tactical edge – or in what the DOD’s Randy Resnick calls “the last mile” – looks different for each service branch, and the DOD is working to better understand these environments to protect edge devices in denied, degraded, disconnected, intermittent and limited scenarios.
“There really is no single DDIL scenario,” said Resnick, director of the Zero Trust Portfolio Management Office, during a panel discussion moderated by Kip Gering of Xage Security during the Potomac Officers Club’s 2023 Cyber Summit. “So we’ve asked the services through the Joint Staff to give us two examples in your service on what you mean by ‘DDIL.’”
To illustrate his point, Resnick noted that protective measures like phishing-resistant multi-factor authentication, or MFA, may not always be top of mind for warfighters when they’re operating in harsh environmental conditions and exposed to the elements. Knowing what exactly these scenarios are for each service is the first step in moving forward with pragmatic solutions, said Resnick, and the next step is making zero trust achievable in these scenarios.
“We have 91 activities in an enterprise environment for zero trust to stop the adversary. We need to start thinking through what can we mitigate to the 91 and make it simpler at the edge, while still maintaining the ability to slow down or stop the adversary. It’s a little complex, but we’re working it through on the Joint Staff,” Resnick shared.
The Zero Trust Portfolio Management Office has already had three sessions with the Joint Staff on this effort, and the next meeting will be held in September.
While cyber threats are increasing at the tactical edge, attacks on the nation’s critical infrastructure are also on the rise. For the Department of Energy, strengthening cybersecurity and achieving zero trust are made more complex because of the agency’s broad mission sets.
“We do everything from open science research to deploying clean energy to securing the nation’s nuclear stockpile,” explained Jodi Kouts, senior advisor for policy for the chief information officer at the DOE. “We have numerous programmatic offices, 17 national labs and a number of side offices across the country. Implementing some of these zero trust policies is a little bit difficult because as you can imagine, some of our mission sets have a lot of legacy mission critical systems that aren’t easy to update.”
Historically, the DOE has relied on the Purdue model for cybersecurity, in which critical assets and systems are completely air-gapped. But as systems are becoming more interconnected, the DOE is working to adapt.
Kouts said the DOE is looking at “using AI and machine learning to our advantage to apply data analytics” that will help to immediately detect anomalous activity so that solutions can be implemented much more quickly.
Beyond that, Kouts urged leaders to pay closer attention to their supply chains to bolster cybersecurity.
“Another thing that I think we don’t talk about enough really is supply chain and really ensuring through software bills of materials that our supply chain is secure when we deploy these critical infrastructure assets so that we have less patching to do on the back end, and we feel a little bit better about how these systems are set up and configured to properly function,” said Kouts.
Linus Barloon II, chief information security officer for the U.S. Senate, highlighted asset management and “knowing your devices” as critical components of cybersecurity. Ultimately, this comes down to properly training and educating the user, Barloon said.
He urged that federal leaders should be “working to train [their] users to help them better understand and to know what a breach looks like and know what the adversary could do.” Spreading this awareness will help users to more effectively defend an organization’s endpoints and protect against threats.
Offering his industry perspective on the conversation, Laks Prabhala, chief information security officer at Alpha Omega Integration, agreed with Barloon that asset management is a vital component of cybersecurity, alongside identity management, real-time threat intelligence, and perhaps most importantly, having more unity of effort across multiple levels of an organization.
“We all need to be engaging the stakeholders – that’s number one – internal and external. Especially getting those OT guys working with the CISA folks, attending the cyber staff folks, that is so important. Technology collaborations and programmatic process collaboration and engagement is what we’re seeing,” said Prabhala.