Sponsored: Comprehensive Cybersecurity for Maintaining Tactical and Strategic Naval Dominance
A delayed focus on IT modernization could create a gap between frequent high-impact cyber breaches and the U.S. Department of the Navy’s preparedness to address them. From the SolarWinds hack to ransomware, new cyber threats emerge almost weekly. Advances in technology to help defend against such threats occur so quickly that current acquisition and infrastructure programs cannot keep pace.
The good news is the Navy recognizes the urgency to secure cyberspace, as it can be a continual and dynamic battle space. The Navy’s Information Superiority Vision tasks the Navy and Marine Corps with the mission to “build a more agile, innovative naval digital warfighting platform our leaders can leverage anytime and anywhere.” While the vision is simple—Modernize, Innovate and Defend—securely transforming the antiquated network is no easy feat.
The Next Generation Enterprise Network Recompete (NGEN-R) Service Management, Integration and Transport (SMIT) contract supports modernization plans and mandate integration with existing network infrastructure and tools, while creating a broader migration path over time.
SMIT Migration Requires Broad-Scale Security
Given the Navy’s vast network footprint, security must span multiple enterprise components, from cloud-based software-as-a-service (SaaS) solutions and end user device protection to DevSecOps-based software factories and growing remote workforce requirements. There are multiple dimensions to these security requirements. Outlined below are four recommended starting points based on the current Navy Information Superiority Vision strategies and efforts including:
- Zero-Trust Architecture (ZTA): Rooted in the principle “never trust, always verify,” Zero Trust is a critical element of a security platform approach. Enabled by building a correct and solid foundation, ZTA is an architectural journey over time, not a point product. A proper ZTA is designed to protect modern digital environments by leveraging network segmentation, preventing lateral movement, providing Layer 7 threat prevention and simplifying granular user access control. The National Security Agency (NSA) recommends embracing a Zero-Trust security model and mindset to better secure sensitive data, systems and services. The Defense Information Systems Agency (DISA) and the NSA also recently published a Zero Trust Reference Architecture as a foundational guideline for next-generation cybersecurity.
- Securing end-user compute: Endpoint security is a hot topic for the defense community, with DISA and other cross-DoD leaders emphasizing the need to share policy and operational strategies for endpoint modernization. SMIT will require an overall security strategy that includes machine learning (ML) and behavioral analytics for continuous monitoring of endpoint devices. It will also require that chosen vendors are stable and can ensure long-term viability of product offerings through ongoing research and development.
- Securing cloud access: Disruption caused by the COVID pandemic prompted more users to work remotely, straining the Navy’s cloud infrastructure and derailing the “decentralized” commercial cloud adoption approach the Navy settled on less than three years ago. The Navy now wants better visibility of its network and how its services are being used, as per its Operation Flank Speed, which is an effort to better secure cloud-based collaboration to include access, data and assets.
- Cloud and SaaS security: SaaS and cloud applications are transforming workflows in the DoD and federal environments. Danielle Metz, deputy CIO for the Information Enterprise at the DoD, recently noted the criticality of digital modernization to the National Defense Strategy. SaaS and cloud are vital components of that modernization, but as their adoption progresses within the Navy and across components, they cannot become conduits for data exfiltration or an additional attack surface. The Navy must accelerate speed to capability by driving Forge efforts across program executive offices (PEOs) for DevSecOps to decouple software and hardware. That important step toward modernization requires secure development efforts based on strong cyber hygiene.
Unmatched Capabilities for the Breadth of SMIT Requirements
Protecting the Navy’s highly complex network environment calls for an integrated platform that applies sophisticated automation capabilities built on artificial intelligence (AI) and ML. Palo Alto Networks’ holistic platform approach expands the traditional view of security to meet the breadth and depth of those requirements.
Each of Palo Alto Networks’ platform components could help enable the Navy to operate at the speed of modern technology advances. Palo Alto Networks enables integration of a broad range of tools, including networking infrastructure, identity management (IdAM/ICAM), enterprise endpoint management and others in which the Navy has already invested. By delivering a fully integrated system, Palo Alto Networks allows insights from one tool to be disseminated to and acted upon by all, helping to ensure a full cybersecurity posture greater than the sum of the individual parts.
Palo Alto Networks stands ready to support the Navy in achieving its Information Superiority Vision: to modernize, innovate and defend. We are proud to be a leader in cybersecurity , delivering cutting-edge solutions to strengthen security posture, reduce costs, and increase efficiency for the cloud, endpoints and the network.
To learn more about how Palo Alto Networks is ready to secure Navy enterprise modernization, please visit https://www.paloaltonetworks.com/us-federal.