Army-wide security plan takes shape

The Army will devise a servicewide computer security plan to boost protection of its information technology assets, according to Army and industry officials.

Army officials say they want to develop a strategy that treats all systems as part

of a cohesive enterprise, rather than

securing each system individually. They

realized the need for such a plan when they began taking an enterprise approach

to managing their hardware and software, officials said.

Their participation in military network defense groups also raised their awareness about the importance of cybersecurity, they said.

"The work being done today is merging a number of initiatives into an overall enterprise approach for the Army," said Col. Thaddeus Dmuchowski, director of information assurance at the Network Enterprise Technology Command (Netcom) and the 9th Army Signal Command at Fort Huachuca, Ariz. "The time is right to document a working plan."

Industry officials, however, believe the new plan stems from persistent attacks on Army systems in recent months.

"It's amazing the government is not more concerned," said an industry official who consults with IT companies that do business with the Army. The person spoke on the condition of anonymity.

Dmuchowski, however, insisted that

this was a proactive move. "No one told me to do it," he said. "It is part of my job now that the Army is planning to operate at the enterprise level, and we have begun to develop or acquire the tools needed, in conjunction with policies."

He cited several factors leading to the formulation of the Army's new computer security plan:

n Participation in the Computer Network Defense Solutions Steering Group led by Strategic Command, which oversees militarywide computer defense.

n Support from the Defense-wide Information Assurance Program, led by the Office of the Assistant Secretary of Defense for Networks and Information Integration, which administers military IT policy.

Top Army IT officials, citing Army policies, would not confirm that their networks have seen more cyberattacks during the past five months.

"The military typically experiences increases in computer network attacks when the geopolitical climate is the way it is," said Lt. Gen. Steve Boutelle, the Army's chief information officer.

Maj. Gen. James Hylton, commanding general of Netcom and the 9th Army Signal Command, said, "We are a nation at war, and although protection of our networks has always had a high priority,we are even more vigilant, and the less the enemy knows, the better it is for the people who protect our networks."

Netcom officials would not discuss details because any comment on the "effectiveness or ineffectiveness of any attacks because this information may provide perceived or possible vulnerabilities within the Army's networks," Hylton said.

In addition to the new information assurance plan, service officials issued a task order in March to hire a vendor to install a storage solution and help manage the Continental U.S. Theater Network Operations and Security Center. The facility monitors the Army's domestic computer networks.

Boutelle and Hylton cited the contract, due for award this summer, as another step the Army can take to secure its systems.

Boutelle compared the measure to adding armor to Army vehicles when enemies find effective ways to attack them. He said the Army can use IT to stay one step ahead of cyberspace enemies.

But the industry official said the Army should be moving faster.

"If it's a matter of money, the Army should do what industry does: finance the infrastructure update over a 10-year-period," the official said.

Featured

  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected