Single Security Architecture Needed for Military Network

The Joint Information Environment (JIE) will enable a single security architecture that may be the key to defending the U.S. military against attacks from cyberspace, said the Joint Staff’s top communicator. Lt. Gen. Mark S. Bowman, J-6, The Joint Staff, told the audience during his luncheon keynote address on the final day of AFCEA’s three-day JIE Mission Partner Symposium in Baltimore that single security services and an enterprise system will provide better cybersecurity for the warfighter.

“Independent information assurance provides gaps, voids and seams [that are] exploited by the bad guy every day,” the general allowed. “We must continue to develop a single security architecture … it will reduce that cyber attack surface.”

On the first day of the symposium, Defense Information Systems Agency Director Lt. Gen. Ronnie D. Hawkins Jr., USAF, decried email as obsolete and stated that the Defense Department should “get off of it.” Gen. Bowman took that a step further and charged email with being a major security risk.

“Email is the most widely used enterprise service that we have, and it probably is the most common vector for attack,” he said. “[It provides] high-speed avenues of approach for the bad guy—he could be a bad guy operating in his garage, or he could be in a [hostile] country.”

The single security architecture will enable better detection of anomalistic behavior on the network, Gen. Bowman added. “We must be able to respond to abnormal behaviors on the network,” he said. “Without a common framework or architecture, we won’t be able to know what the anomalies are” because of the diverse actions inherent in different network architectures.