DOD official: Automation can save Pentagon from drowning in data

The Defense Department must do more to take advantage of automation tools to avoid drowning in a sea of network data and risk missing cyberthreats, according to a top department official.

“Right now, we buy a system for every use case, so we’re probably generating a lot more information than we need to,” Patricia Janssen, director of cybersecurity planning and implementation in the DOD CIO’s office, said Monday at the RSA Public Sector Conference in San Francisco.

“How do we bring all that data together to help us manage and identify our vulnerabilities and our weaknesses?” Janssen asked.

Automation tools can help DOD cut through the “noise” of unneeded data, she said at a panel discussion of continuous monitoring for cyberthreats. The department’s thousands of computer systems make automation imperative to keep those systems patched and identify insider threats, Janssen added. Training staff to carry that out manually simply isn’t feasible, she said.

Automation will help with risk management in that officials will be able to “make more timely decisions throughout the lifecycle of the system,” Janssen said.

A civilian-agency cybersecurity program known as continuous diagnostics and mitigation (CDM) offers a system of sensors and dashboards for a clearer view of network vulnerabilities.

Kevin Cox, the program’s manager at the Department of Homeland Security, said CDM can help agencies prioritize patching for acute threats like the WannaCry ransomware and the Spectre and Meltdown computer chip vulnerabilities. CDM tells agencies what protections are already in place and thus what additional measures need to be deployed, he said.

Christian Neeley, a partner at Deloitte Cyber Risk Services, preached patience in implementing continuous monitoring tools and reaping their benefits.

“Continuous monitoring is not a one-time capital investment,” Neeley said. “Even when you make iterative progress and have a good scorecard all the way, you have to keep your eye on the ball in the five and 10-year period to really achieve the full benefits.”
