Defense Department leadership appears to be viewing cyberdefense issues primarily as a matter of policy and strategy that can be fixed incrementally. That is not possible. Cyberdefense deficiencies have became deeply rooted as result of the defective ways in which the Defense Department acquired IT over the past decades. Cyberdefense flaws are inherently enterprise-wide and are mostly not application specific.
Cybersecurity leaks originate from insiders. Unchecked social computing can be the attacker's favorite means for data mining. From the standpoint of our enemies, acquiring easily accessible intelligence from inside sources can be simpler than whatever can be obtained by means of hard work to crack Defense Department barriers.
Guest blogger James Schenck, a U.S. Army veteran and president of the PenFed Foundation, reflects on the military community as we prepare to celebrate our nation's birthday. "This Fourth of July, I ask you to join me in saluting the sacrifices of all veterans who served to defend our nation and remembering their contributions. While the nation reflects on sacrifices of veterans this Independence Day who did not return back from war, I also would like to salute members of the military who sacrificed in other ways."
Migration into a cloud environment by means of virtualization of servers is extremely attractive and has instant paybacks. Compared with other software-intensive improvements, the ability to combine servers in order to increase computer utilization from less than 20 percent to over 70 percent is the most attractive choice in the current environment, when cuts in IT budgets for FY12 and beyond are required by end of this July.
Paul Strassmann offers his insights on network virtualization as an answer to cyber security concerns about the proliferation of things contributing to the "attack surface," such as networks, circuits and computers.
Two weeks ago, I listened to a U.S. Marine Corps brigadier general plead for a lightweight personal computer that shooters could use at the squad level. All of the talk he heard about net-centric networks was meaningless because network centricity did not reach where it was needed. If the civilians could walk around with BlackBerrys, why couldn't the U.S. Defense Department provide comparable services?