Providing secure and efficient communications was the main theme of the AFCEA 2020 Army Signal Conference, which brought together many prominent members of the U.S. Military and cybersecurity industries. The event took place online, highlighting the changing nature of data sharing and communications in the modern world. While the event featured numerous discussions on several related topics, the focus was on the U.S. Military’s push towards a new “Zero Trust” cybersecurity architecture.
Participants and panelists alike discussed how the ever-changing nature of battlefield communication requires moving to a new cybersecurity and data sharing paradigm. Zero Trust architecture offers warfighters on the ground and their contacts all around the world the ability to engage in secure and effective communications and data transfer. Speakers highlighted their concerns over integrating the new system but stressed that to prepare for the battlespace of the future, this new method and the increased cybersecurity it brings is required.
Here are some of the top stories detailing the key takeaways from the event:
DISA Outlines New Cybersecurity Model at Army Signal Conference
An article from Security Magazine describes in further detail the presented outline of the new Zero Trust cybersecurity model, noting that the new system will provide for the effective, reliable, and safe sharing of information with warfighters, national leaders, and mission partners. Zero Trust will incorporate credential and access management, comply-to-connect, assured identity, and security automation, orchestration, and response as it seeks to update and rework existing cybersecurity systems.
“[We must provide] the tools necessary for our forces to deter or defeat aggression across every warfighting domain – cyber, land, air, sea and space, that’s why we are embracing Zero Trust to prevent data breaches,” said Navy Vice Admiral Nancy A. Norton, Director of the Defense Information Systems Agency (DISA).
Lauren C. Williams at Defense Systems reports on the combined efforts of DISA and the National Security Agency (NSA) to create and deliver a Zero Trust architecture. She details how defense communities described their efforts to ensure the integrity of data sharing systems while increasing the available bandwidth for data requests. The issue of bandwidth availability to warfighters and other individuals was a key concern among panelists as the U.S. Military seeks to integrate the new system and develop best practices for the future.
“If we could have direct big, fat pipes between the end user and the commercial cloud provider, as long as they meet the Zero Trust [and] DOD security requirements, that’s ultimately where we want to go,” said John Hale, Chief of Cloud Services at DISA.
‘Zero Trust’ Cybersecurity Plan This Year from DISA & NSA
Highlighting difficulties in implementing the new architecture, Breaking Defense’s Sydney J. Freedberg describes the enthusiasm for the new system, noting that panelists consider it one of the key factors to overcoming the obstacles ahead of the program. Integrating coalition partners was identified as a major obstacle in several pilots designed to test the new system, noting that a main concern lies with the reliance on radio to communicate among partners.
“As we go through that pilot and discover what it really means to implement Zero Trust principles on our network today, then that’ll allow us to come up with a much better architecture. Zero Trust is going to be a journey,” said Patrick Dedham, Deputy to the Commanding General of the U.S. Army Network Enterprise Technology Command.
U.S. Army to Test More Rapid Patching of Combat Software
Andrew Eversden, writing for C4ISRNET, reports on how panelists described the implementation of systems to manage and facilitate software patches to combat systems. While current systems for patch distribution rely on physical hardware delivery, the new system would allow for secure downloads around the world. The most important aspect of this effort is in providing transitional security as new systems are developed and integrated into a global, Zero Trust architecture.
“Having that available with the latest and greatest software for all your systems allows you to pull that software at any time. So, when they have the opportunity to upgrade their systems, that software is available for them. They know it’s the latest, they know it’s securely patched, and all vulnerabilities have been mitigated,” said Major General Mitchell Kilgo, Commanding General at the U.S. Army Communications-Electronics Command.
