Can DOD overcome its 'data hoarding' problem?

Shutterstock image (by R.T. Wohlstadter): blue binary tunnel, fractal illustration. 

The best way to protect critical infrastructure is to first protect the data.

“If you ask a social media company if they want to be critical infrastructure, they will tell you absolutely not,” said Kiersten Todt, president and managing partner for Liberty Group Ventures LLC during an Oct. 24 panel discussion at the Armed Forces Communications and Electronics Association’s MILCOM conference. "But look at the data that they’re aggregating and look at how that data is being stored."

“How are we defining the difference between critical infrastructure and critical information when all of that data and all of that information is mobile?” she asked.

Todt, who is also a University of Pittsburgh cyber law and policy scholar, called mobile devices “an end-point priority equal to -- I would argue even more so important than -- the laptops and desktops that we each use.” She added that “critical information has to be the priority for how we look at secure devices' data and how we’re securing our workforce,” and predicted that public-private partnerships will facilitate that security.

“We need to be working more effectively together before something happens,” Todt said. “We can’t just identify information sharing as a destination; we have to put the work in to get there.”

There are other challenges as well. All of that information sharing lends itself to data collection, or as the Defense Department's Deputy CIO Essye Miller calls it, “hoarding.”

“We are hoarders,” she said, likening the data problem to traditional recordkeeping and storage, slowly moving files into less secure environments as data’s value diminished. “It’s just a natural inclination that we feel we have to keep everything, which drives the need for security.”

Part of the solution, Miller said, is to put mechanisms in place, such using artificial intelligence and machine learning to automate and manage the rapidly accumulating data. The rest will be cultural.

“Part of it, quite frankly, will be the services' understanding that at some point they’ll have to let go,” she said.

As the DOD modernizes legacy networks, data will ultimately become a key security component. The bottom line, according to former DOD CIO Terry Halverson, is to let data define system security needs.

“We’re not going to be able to define critical infrastructure in the way we used to,” said Halvorsen, who is now Samsung’s CIO and executive vice president for IT and mobile business communication. “In fact, it is going to be defined for us by our critical information, and that is going to take cooperation between all sectors … in ways that we haven’t been very successful at in the past.”

And as the data stacks up, he said, the government will have to learn to throw it out.

“Data is like milk, it actually goes bad after a while,” Halverson said. “It has time frames [for] when it needs to be protected and time frames when it doesn’t.”

“How do you [put] a rheostat on your systems that says, 'Today I need a 10 level of protection on this data, tomorrow I might not need any.' It’s either become exposed or the value of that data has decreased so much that spending money and time protecting it no longer makes sense," he said. "How do you trash data? At some point you need to do that … because [then] you’re storing so much stuff that [what] you’re protecting … actually has no relevant data.”

About the Author

Lauren C. Williams is a staff writer at FCW covering defense and cybersecurity.

Prior to joining FCW, Williams was the tech reporter for ThinkProgress, where she covered everything from internet culture to national security issues. In past positions, Williams covered health care, politics and crime for various publications, including The Seattle Times.

Williams graduated with a master's in journalism from the University of Maryland, College Park and a bachelor's in dietetics from the University of Delaware. She can be contacted at, or follow her on Twitter @lalaurenista.

Click here for previous articles by Wiliams.


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.