The U.S. Navy’s Flank Speed cloud platform was introduced about two years ago, in May 2021, and has reportedly helped bring about a wave of positive technological change for the service branch. A collaboration with Microsoft 365, Flank Speed has seen the transition of over 530,000 users to its common suite of tools and shared digital space.
Department of the Navy Acting Chief Information Officer Jane Rathbun said Flank Speed has “increased collaboration and bolstered productivity across the DON,” but promised that it’s “just the beginning of our modernization.” Rathbun addressed an audience of attentive government contracting industry members in a keynote speech at the Potomac Officers Club’s 2023 Annual Navy Summit on Wednesday.
Browse the full list of upcoming Potomac Officers Club events here. Each one offers plentiful opportunities to network and trade ideas with top names in the public and private sectors.
Rathbun explained to onlookers that Flank Speed has “paved the way for working in a zero trust-aligned cloud platform with countless opportunities to build upon it and rapidly meet mission needs as we drive enterprise services across the IT environment.” An allegiance to the zero trust framework is determining the shape and direction of all of the department’s modernization activities, the executive said.
The DON plans to take the information accrued from the rollout and activation of Flank Speed and apply it to upcoming endeavors for enterprise services and the updating of the “warfighting IT environment.” The foundation of zero trust — an enhanced awareness of who is accessing data at any given point — has proven informative to the DON’s approach broadly.
“Data is key to everything that we’re doing. The DON’s vision is to become a modern, data-centric and data-aware organization capable of consuming and exploiting data in near-real-time in support of the warfighter at the speed of mission,” Rathbun stated, adding, “information is combat power.”
To that end, protecting data is of the utmost importance for the Navy. Cybersecurity beyond even the scope of zero trust has become a pressing priority. Before he stepped back from his post in March, former CIO Aaron Weis challenged the service to transition from a cyber compliance mindset to a “cyber ready” stance. This means baking advanced cybersecurity mechanisms into new systems from the start and “retrofitt[ing them] in during an upgrade of an existing system,” per Radmun.
The acting DON CIO shared that the “cyber ready” mission entails holding each program executive office to a “basic set of controls,” requiring that they “have continuous monitoring and an adversarial threat assessment capability [and] that their people are current with cyber training.”
After assessing how successfully they are meeting each category, the department will assign a cyber risk tolerance rating. This process reflects the department’s understanding that “one size doesn’t fit all” for cybersecurity measures and that “we’ll potentially need different tooling and cyber risk tolerances depending on their operating environment.” Rathbun said this will result in an “enclave approach to cyber readiness, working with the systems commands to design their cyber readiness processes to meet the base set of common requirements, and then developing ones unique to the enclave.”
While acknowledging that the Navy are “the leaders in zero trust implementation” and boast “robust cybersecurity tools on our connected network systems,” Rathbun submitted that one area with room for improvement lies with individual commanders. She noted that such officials should aim to better understand and identify who their cyber experts in charge of risk management are, so that new requirements and adjustments can be more speedily integrated into specific programs.
“Risk is the responsibility of every commander. But cyber risk is hard to do when you don’t know who your cyber expert is in certain situations.”