Lightening the Workload for Cyber Command
The U.S. Defense Department struggles to defend the current network infrastructure.
The U.S. military is moving to the Joint Information Environment (JIE) in part because the current architecture is too complex to be easily defended, Teri Takai, Defense Department chief information officer, said at the April 2 Security Through Innovation Summit, Washington, D.C.
The JIE is the largest restructuring of information technology management in the history of the department. The end state is a secure, joint information environment comprising shared infrastructure, enterprise services and a single security architecture. It will enable full-spectrum superiority, improve mission effectiveness, increase security and realize technology efficiencies, according to Defense Department documentation.
The current infrastructure, by contrast, has been developed and connected in a more piecemeal, ad-hoc fashion that creates complexities. “Our primary concern is security. Our primary concern is the defense of DOD networks, the defense of DOD data and information,” Takai said. “The way we are configured today is enormously difficult for Cyber Command to do their job, to actually be able to see into the networks, understand what is in all of the networks and then be able to actually defend those networks.”
The way the department is currently configured and “architected” is an inhibitor to that, she added, because of its size and decentralized nature. “We delegate the responsibility for that infrastructure down to the base, post and station, and even more so down to the tactical edge,” she said.
As part of the move to the JIE, the department is eliminating some operations centers. “We are actually consolidating our operations centers, because as you operate in a more uniform way, there’s not a need to have as many operations centers,” Takai said. “And quite frankly, we don’t want that many operations centers, because Cyber Command needs to have fewer operations centers to work from as they work to defend the network.”
The JIE will result in other kinds of consolidation as well. The department currently owns about 2,000 data centers, which also are being reduced. And the infrastructure is made up of about 15,000 network enclaves. “We can’t afford, in some locations, to have Army, Air Force, Marine Corps and Navy networks all going into the same location with things like different collaboration services, different email services. It is an expense, and it is a challenge in terms of being able to exchange information and actually be able to operate,” she offered.
On the other hand, she emphasized that consolidation will not go so far that it adversely affects the warfighters. “The need to have control of the networks and the technology to the tactical edge is critical. We’re not talking about standardization and consolidation from the standpoint that we’re going to run one data center. We still need to be able to have information to the tactical edge and be able to protect it,” she explained.
She reported that the JIE is “not a new concept,” pointing out that many large corporations have been through a similar process. Corporations do it primarily to save money, and while that will be one benefit of the JIE, the department’s primary concern is cybersecurity, she indicated. She reported, however, that currently 60 percent of the money the department spends on information technology is spent on the infrastructure.
The department has been in need of more rigid architecture standards, she added. “We’ve had standards in the past, but it’s been pretty loose. There was still a lot of flexibility for individual organizations to configure the way that they wanted,” she stated. “You’re going to see a much more rigorous enforcement of standards, much more rigorous enforcement of the way things are configured.”
But the JIE will not change everything. “That does not mean we will change our selection of products. It doesn’t mean we’re going to eliminate competition, or that we won’t have multiple products. But the way those products are configured will be in a much more standard way,” she clarified.