Military leaders on partnerships that drive modernization strategies

When the pandemic hit, the mission didn’t stop for the military services. But it had a big impact on the speed at which they modernize infrastructure and communications, according to security and IT leaders at the U.S. Army, Air Force and Coast Guard who spoke during Fortinet’s Security Transformation Summit.

In the panel discussion — moderated by Rick Peters, CISO for operational technology in North America at Fortinet — the group explained how the shifts in technology strategies have affected military operations and what advancements are being made to meet the accelerated demands on security and cloud during this unprecedented time.

The panel, “How Integrated, Automated Cybersecurity Empowers Military Mission Support,” was hosted by Scoop News Group on Nov. 12, 2020.

The value of industry partnerships to shape modernization strategies

Partnering with industry was invaluable, says Rear Adm. David Dermanelian, assistant commandant for C4IT (CG-6) for the Coast Guard. Not only are the companies trusted partners who deliver the Coast Guard’s network infrastructure, but they also are key in providing due diligence for supply chain risk and helping the Coast Guard minimize the complexity in its operating environment.

All the military leaders on the panel agreed that working with industry partners allows each service unit to get the best in innovation and best practices.

“They can help the services understand how we can get consistency using standardizations and common architecture for our systems,” adds Maj. Gen. Matthew Easley, CISO at the U.S. Army. “Especially for our operational technology systems, because right now the Army has 128 posts and stations. As we connect that operational technology into the DODN, it’s being done in different ways. We’re not getting economies of scales and it’s harder to defend the network that way.”

Raising the bar on security with improved skills, processes and technology

Internal skills training is one strategy for the service units to help achieve their modernization strategies.

“We have a very large workforce, and we know we have to upskill that workforce, retrain, hire more and bring in new soldiers every year. … So, within the CIO’s office, we’ve started a new initiative called Quantum Leap, where we’re going to upskill many of our IT workforce using state of the art training systems so they can do a lot of this in a virtual fashion,” Easley says.

But additionally, Dermanelian says that leveraging industry capabilities can help the military get the most out of the workforce to meet mission goals. He shares the importance of security-as-a-service tools that can help outsource one of the most demanding needs of modernization and thus make it more difficult for adversaries to disrupt or degrade military data and systems.

How service operations influence cloud strategies

Military services are addressing similar challenges around trust and security as they move to the cloud.

“Anytime we have a rapid shift and trend in technology, it drives a different type of discussion,” shares Wanda Jones-Heath, CISO for U.S. Air Force. “A big influence for [the Air Force] is the roles and responsibilities of the cloud provider, versus what we would do for ourselves.”

Easley adds that the work underway with the Joint All Domain Command and Control (JADC2) network is an enterprise cloud undertaking that will shape the Army and Air Force share more information across their different sensor systems.

“I think data integrity is a huge part of that,” Easley says. “How can we trust the messages being passed through this very complicated command control system that we’re going to be putting together. It’s going to be a multi-cloud environment—from tactical clouds, commercial clouds. It’s going to be using all different sorts of communication networks, from our tactical systems, to commercial lease circuits.”

Hear more from security and government leaders who spoke at Fortinet’s Security Transformation Summit.  

This article was produced by CyberScoop and underwritten by Fortinet.