DOD Urged to Modernize Cybersecurity Infrastructure to Defend Against Global Threats
In light of the increasing global cyber threats and the rapid advances in technology, the Department of Defense (DOD) has been urged to modernize its cybersecurity infrastructure. The 2023 National Cybersecurity Strategy (NCS) emphasizes the need for the federal government to upgrade its defenses and replace or update systems that are vulnerable to sophisticated cyber attacks. This calls for the modernization of both IT and operational technology (OT) infrastructure within the DOD.
While the DOD has been making ongoing efforts to modernize its IT systems for more than a decade, there are unique challenges when it comes to OT modernization. IT modernization primarily focuses on replacing software and systems related to operations and information management. On the other hand, OT modernization involves upgrading equipment and systems in domains such as power control, satellite communications, and military equipment maintenance.
Replacing legacy OT systems can be a challenge due to their complexity and specialization. Unlike IT systems, many OT systems cannot be taken offline as they require full availability. This makes a total replacement unfeasible in many cases. Additionally, the ownership of OT systems is largely in the hands of the private sector, with an estimated 85% of critical infrastructure being privately owned and operated. This further adds to the complexity of modernization efforts as the government does not have full control over these systems.
Another key difference between IT and OT modernization is the implementation timeline. IT modernization projects are often shorter and more agile, focusing on rapid prototyping and continuous delivery. In contrast, OT modernization projects can be complex and span several years or even decades, depending on the system.
Despite these challenges, both IT and OT modernization efforts are crucial for the DOD. Updating IT systems can lead to cost savings, increased efficiency, and enhanced security. Addressing OT systems, on the other hand, can improve safety, operational capabilities, mission outcomes, and cyber resilience.
One of the most critical tasks in OT modernization is enhancing security. Legacy OT systems were not originally designed with security considerations in mind, making them vulnerable to cyber threats. Innovative solutions that provide data access and observability are needed to overcome these limitations. Capturing, monitoring, and processing the vast amounts of data generated by heavily digitized weapon systems can significantly advance the DOD’s ability to achieve its defense strategy priorities.
Fortunately, the industry has developed tools that enable OT observability for military fleets and weapon systems. These tools provide real-time edge computing, data capture, and data normalization capabilities. By democratizing and extracting valuable onboard data, fleet operators and maintainers can make smarter and faster decisions, ensuring the military’s advantage over its competitors.
The modernization and security of both IT and OT infrastructure are crucial for the DOD. The 2023 NCS emphasizes the need to accelerate these efforts, highlighting their importance in achieving the Joint All-Domain Command and Control (JADC2) strategy. Intelligence and data sharing are essential for the success of JADC2, as data has become a critical military asset. Therefore, the DOD must prioritize the modernization of its cybersecurity infrastructure to protect against global threats and secure its future in conflicts.
The modernization process is complex, and there are various challenges to overcome. However, by prioritizing these efforts, the DOD can enhance its defenses, strengthen its capabilities, and ensure the security of its operations in the ever-evolving cybersecurity landscape. It is essential for the DOD to continue collaborating with the private sector, leveraging innovative solutions, and investing in cutting-edge technologies to achieve its modernization goals.
Colby Proffitt, a cybersecurity strategist at Shift5, emphasizes the critical importance of ensuring the success of public sector IT and OT modernization. With his deep understanding of the challenges involved, Proffitt stresses the need for effective modernization to safeguard national security and achieve mission success.