Navy: Faster acquisition key to cyber defense

Faced with a rapidly evolving cyber threat, the Navy is developing new strategies for acquiring cyber defense capabilities.

The problem is that the Defense Department’s existing acquisition model — DOD 5000 — is ill-equipped to meet the fast-moving needs of cyber defense.

“DOD 5000 doesn’t work for cyber defense,” said Kevin McNally, the Navy's program manager for information assurance and cybersecurity. “It’s built for the acquisition of ships, aircraft and weapons systems. Full operational capability can take seven years. Cyberattack tools progress far more rapidly than that.”

McNally, speaking June 28 at the IDGA Cyber Warfare and Security Summit in Washington, D.C., said the new acquisition approach would allow the Navy to work in six-month increments of spiral development, with multiple efforts working in parallel. A group composed of key naval departments will meet periodically to assess progress, identify new threats and re-evaluate needs, McNally said.

“Every six months, we’re looking at requirements, defenses and tools," he added. "We ask, ‘Do we need to field new capabilities? What capabilities do we need, and how should we deploy?’”

The Navy is also implementing DOD’s broader acquisition reform efforts but is taking a proactive approach with the new measures.

“There’s a big push to do acquisition reform, and we’re hoping that’s successful,” McNally said. “But I haven’t seen anything come out yet that simplifies acquisition for IT or cyber.”

For now, the Navy is looking forward to some of the advantages of its new approach, such as being better able to keep up with technology, introducing new commercial products more quickly and closing in on evolving threats. The department is also focusing on issues such as identifying network anomalies and behaviors, moving from reactive to predictive measures, and addressing advanced persistent and insider threats, McNally said.

“I don’t think we’ll ever close the gap [with rapidly evolving threats completely], but we can get closer,” he said.

Still, there are challenges, including securing resources and planning ahead for a future that is constantly changing. The broader DOD acquisition process is also cumbersome and can slow cyber development, he said.

About the Author

Amber Corrin is a former staff writer for FCW and Defense Systems.

Featured

  • Workforce
    White House rainbow light shutterstock ID : 1130423963 By zhephotography

    White House rolls out DEIA strategy

    On Tuesday, the Biden administration issued agencies a roadmap to guide their efforts to develop strategic plans for diversity, equity, inclusion and accessibility (DEIA), as required under a as required under a June executive order.

  • Defense
    software (whiteMocca/Shutterstock.com)

    Why DOD is so bad at buying software

    The Defense Department wants to acquire emerging technology faster and more efficiently. But will its latest attempts to streamline its processes be enough?

Stay Connected