The Cyber Edge

The Defense Information Systems Agency (DISA) is increasing its focus on innovation and rapid acquisition through the use of other transactional authority (OTA) contracts.

Organizations across the Department of Defense and military services have begun using OTA contracts, which help cut much of the time and costs of developing technologies and acquiring systems. They also allow the military to work more closely with smaller, more agile startups and small businesses that may have creative products but don’t traditionally work with the government.

Legislators on Capitol Hill have formed the Cyberspace Solarium Commission, known as the CSC, which will put together a comprehensive U.S. cyber policy. Sen. Angus King (I-Maine), who is co-chairing the new organization with Rep. Michael Gallagher (R-Wisc.), announced the formation of the Geneva Convention-type commission in a call with reporters on May 13. The establishment of the commission was outlined in last year’s National Defense Authorization Act (NDAA), Sen. King said.

The Defense Information Systems Agency is a combat support agency, and as such, is charged with supplying key information technology to warfighters and civilians around the globe. The agency provides voice, data, video, spectrum, computing and other communication capabilities to combatant commands, the Joint Staff, the services, offices and agencies in Department of Defense and the intelligence community.

Schooling at an early age, an appeal to patriotism and a government program that trades tuition support for public sector work may be necessary to produce the skilled cyber professionals so badly needed across the spectrum of technology jobs in the United States. While the current number of cyber workers is woefully insufficient, the demand increases. For government, the cyber threat escalates daily. For industry, cyber applications proliferate constantly.

Some military and civilian experts are calling on the United States to create a civilian cyber corps to help fill the gap in cybersecurity expertise in times of need. Such a corps could enhance state and local emergency response efforts, help protect Defense Department networks and other critical infrastructure or combat social media information warfare campaigns.

When operating one of the most complex and critical networks on the planet, risk is a given. That risk comes in two forms, technical and operational, and managing both is a matter of balance.

Roger Greenwell, Defense Information Systems Agency (DISA) risk management executive and authorizing official, is responsible for maintaining that balance on the Defense Information Systems Network (DISN), a global enterprise network that enables information superiority and critical communications. The DISN is the core of the Department of Defense Information Network, a worldwide conglomeration of military networks.

The National Security Agency is now sharing the source code of Ghidra, its reverse engineering tool developed by the agency’s Research Directorate in support of its cybersecurity mission. Ghidra, a suite of software analysis tools, examines complied code using capabilities such as disassembly, assembly, decompilation, graphing and scripting.

Ghidra helps analyze malicious code and malware and improves cybersecurity professionals’ understanding of potential vulnerabilities in their networks and systems. With this release, developers can now collaborate, create patches and extend the tool to fit their cybersecurity needs.

The Army is approaching cybersecurity in “a systematic methodical way that takes into consideration that not all things have the same level of risk or threat involved,” states Maj. Gen. Garrett Yee, USA, military deputy to the Army Chief Information Officer(CIO)/G-6.

He cites as an example trying to secure a stand-alone device that is not connected to the network but has an information technology component, versus securing a device that is connected to the network. The stand-alone device offers a negligible risk, so efforts should focus on the connected device, he offers.

The requirement to partner with allied nations and share a classified network will only grow in the coming years, leaders say. In combined exercises, engagements or missions, coalition partners need to be able to connect digitally to share communications, resources and information to strengthen defenses and partnerships. At the Pentagon, the Joint Staff is working to improve coalition systems and how the U.S. can connect securely to those networks outside of the national networks, one expert shares.