DoD’s Cyber Posture: A Focus on Automation

The importance of the security of the Department of Defense’s (DoD’s) networks is no secret (well, of course a lot of it is secret!). This is evidenced by the Department’s IT/cybersecurity budget request that annually tops $40 billion dollars. Last year’s IT and Cyberspace Activities Budget Overview perhaps said it best:
“Successful mission execution is contingent on a seamless, secure infrastructure that transforms data into actionable information and ensures dependable mission execution in the face of the persistent cyber threat.”

In addition to funding DoD’s annual cybersecurity budget request, Congress, acting in its oversight role, provides multiple recommendations and gives explicit direction in the National Defense Authorization Act (NDAA) on how it believes the Department can best achieve and maintain this security. The NDAA for Fiscal Year (FY) 2021 is no different. This year’s bill is full of the typical cybersecurity requirements, including an annual assessment of cyber vulnerabilities of major weapons systems, an assessment of cyber hunt forward missions, and Congressional direction to undertake a baseline review of the Joint Regional Security Stacks (JRSS).

However, tucked away in the Senate Armed Services Committee’s report (that accompanied their version of the FY21 NDAA) is an important, but little noted provision. That provision directs the Secretary of Defense to undertake a demonstration of interoperability and automated orchestration of cybersecurity systems. While the report language is not technically part of the NDAA itself, DoD takes both the Senate and House Armed Services Committee reports very seriously, most often treating them with the effect of law. Specifically, the Committee required the Department to “sponsor a demonstration of commercial technologies and techniques for enabling interoperability among cybersecurity systems and tools and for machine-to-machine communications and automated workflow orchestration.” The Committee goes on to note that DoD cybersecurity systems lack the capability to automatically connect, giving the Joint Cyber Command and Control System and the Unified Platform as examples.

Perhaps the Department could focus on automation of speed-based cybersecurity metrics as well, harnessing the benefits of real-time compliance monitoring along the lines of the requirements of the NDAA Section 1733 pilot program on cybersecurity capability metrics. No doubt the importance of automation – from security operations center (SOC) functions to incident response – cannot be overstated in the present environment and will continue to grow for the foreseeable future as both Congress and DoD have recognized.

For more information, check out Splunk's security orchestration and automation capabilities.

https://main--blog-dev--splunk-wm.aem.live/en_us/blog/fragments/digital-resilience-pays-off
Style
two-column

Related Articles

Defense Information Systems Agency Data Strategy Implementation Plan: Advanced Analytics
Industries
2 Minute Read

Defense Information Systems Agency Data Strategy Implementation Plan: Advanced Analytics

Get a closer look into the Defense Information Systems Agency’s (DISA) Data Strategy Implementation Plan, which calls for a focus on advanced data analytics among its line of efforts.
Meeting Agency Goals through Cloud Modernization
Industries
4 Minute Read

Meeting Agency Goals through Cloud Modernization

Splunk can help U.S. Government agencies leverage cloud-based solutions to meet mission and operational goals.
Digital Resilience Powers Your Mission: GovSummit 2024 in Review
Industries
3 Minute Read

Digital Resilience Powers Your Mission: GovSummit 2024 in Review

Splunk's VP of Public Sector, Bill Rowan shares his three key takeaways from Splunk GovSummit 2024.
https://main--blog-dev--splunk-wm.aem.live/en_us/blog/fragments/about-splunk
https://main--blog-dev--splunk-wm.aem.live/en_us/blog/fragments/subscribe-footer