Cybersecurity

Halvorsen 'concerned' by status of JRSS software

Terry Halvorsen

Defense Department Chief Information Officer Terry Halvorsen says he is “concerned” with the software component of the Joint Regional Security Stacks, adding that an answer to the problem might lie in Silicon Valley.

While the Pentagon’s top IT official is satisfied with the hardware and command and control aspects of the JRSS, “the piece I’m most concerned with is the software piece,” said Halvorsen, who was speaking June 16 at an AFCEA conference in Baltimore.

The JRSS are a collection of servers, switches and software tools meant to give DOD network operators a clearer view of network traffic. Halvorsen has called the project a “cornerstone” of a larger department-wide initiative known as the Joint Information Environment, which seeks to standardize and consolidate IT networks for better security.

“Software really is the key piece that starts driving the success of JRSS,” in that it allows for visibility in the stacks and for predictive analytics to gauge cyber threats, Halvorsen said. The DOD CIO did not elaborate during his remarks on what exactly concerns him about the JRSS software, and he could not be reached afterward for comment. But he did say that he would continue to focus on the issue, and that his trip to Silicon Valley in April may have provided some inspiration for doing so.

In Silicon Valley, Halvorsen said, he saw some “interesting security capabilities” displayed by vendors that “I think could make us rethink a little bit what we think we can deliver in the first phases of the JRSS software.” Whether or not those capabilities could be replicated on the scale required by the Pentagon is an open question, he added.

The DOD CIO’s speech to technology vendors and military personnel also included an appeal to deploy software patches more quickly. He suggested that the Pentagon could open up its “cyber range” to test patches in a bid to deploy them faster. The problem is acute, according to David Stickley, a services executive at the Defense Information Systems Agency, who has said software vendors that provide security patches and the defense programs in need of them are often on different timelines, creating a dangerous waiting game.

Halvorsen also declared war on passwords. “We have to kill passwords,” he said to scattered applause, adding that biometric data might be one substitute for traditional passwords. “I don’t know what the answer is, but passwords isn’t the answer.”

About the Author

Sean Lyngaas is a former FCW staff writer.

Featured

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

  • Cloud
    cloud migration

    DHS cloud push comes with complications

    A pressing data center closure schedule and an ensuing scramble to move applications means that some Homeland Security components might need more than one hop to get to the cloud.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.