Experts praise Pentagon's march to security standards

The Pentagon's decision to move its thousands of networks under a single security architecture is the right strategy to bolster defenses against hackers and malicious insiders, experts say.

The massive consolidation of the Defense Department's 15,000 networks into a "joint information environment" is expected to cut costs, as well as improve security against Edward Snowden-like leaks, National Defense magazine reported.

The former contractor took thousands of documents from the National Security Agency and distributed them to the media, which is driving a national debate on NSA surveillance of Americans.

Thwarting hackers is also behind the Pentagon's move to have all four branches of the military, defense agencies and overseas commands use the same network and security systems. The expected benefits include killing redundancies and making it easier to detect hacker-induced anomalies.

The transition away from the Pentagon's current mishmash of technology unique to the various government entities is expected to take years. However, experts contacted by CSOonline said the outcome will likely justify the time and expense.

"The better security comes from the lack of complexity," Ron Gula, chief executive and technical officer of Tenable Network Security, said.

Consolidating networks and standardizing systems mean less technology to monitor while making it easier to see when something has been compromised, Gula said.

The Pentagon has already started the transition. The U.S. European Command based in Stuttgart, Germany, was recently brought under a single security architecture. "We are building increments," Air Force Lt. Gen. Ronnie D. Hawkins Jr., head of the Defense Information Systems Agency, told National Defense.

The consolidation effort is likely to include having one data center in a region where there were multiple centers, said Jody Brazil, president and chief technology officer for network security management company FireMon. Having just one means "you now invest more heavily in securing that one data center."

"That's at least what I've heard them talk about and I think it makes sense," Brazil said.

Removing silos of technology spread throughout the Defense Department will make it much easier to monitor events across computer systems, Brazil said. In addition, performance data gathered from the systems will be easier to analyze for unusual occurrences.

Sharing information across all entities will also be easier, because everyone will be able to understand the data, since it will come from the same systems, Brazil said.

For catching Snowden-like leakers, the Pentagon plans to standardize on identity access management technology used for fixed computers and mobile devices, Hawkins told National Defense. In addition, workers and contractors would be subject to "no notice inspections" to ensure they are complying with security standards.

No security architecture is bulletproof, particularly against the highly sophisticated, state-sponsored hackers the Defense Department is battling from countries like China. Experts acknowledged that breaching a standardized network could enable intruders to travel much deeper than they would if they had invaded a system unique to one agency.

However, having the same systems throughout means security pros will know the potential entry points. With different systems, those weaknesses are much more difficult to track and monitor.

"I'd rather defend against a few knowns than defend against all the unknowns," Gula said.

The most difficult barrier the Pentagon is likely to face is the army of employees comfortable with the old computer systems, but who now have to march to something new.

"People as a species don't like change," Gula said. "They don't like to learn new things."

The Pentagon also will struggle to find enough experts to make the technical changes, administer the new systems and train employees to use them.

"That remains one of the bigger challenges," Brazil said.

Pentagon officials told National Defense that the transition will not require additional funding from Congress, but would come out of the Defense Department's cybersecurity budget.

Stories by Antone Gonsalves
