DOD intertwines data security, interoperability challenges
- By Jason Miller
- Mar 06, 2007
ORLANDO ' The Defense Department is spending $2.5 billion on information assurance in fiscal 2007, and a good portion of those funds are to ensure the military can share data safely and more easily with the intelligence community.
John Grimes, DOD CIO, yesterday said the key to information sharing is security. 'If you can't protect information, you can't share it.'
'We are looking at those two areas in our architecture and in the next generation of security technology, and how we may change the nonclassified IP router network,' he said at the Information Processing Interagency Conference, sponsored by the Government IT Executive Conference. 'The only way to get to net-centricity is to ensure we can share information and it is interoperable. We are spending a lot of money on this.'
One program DOD is working on with the Homeland Security Department and other agencies is the National Command Coordination Center, which will improve information sharing among federal, state and local agencies.
Grimes also pointed to DOD's ongoing move to net-centricity and using service-oriented architecture to separate data from the application layer.
'The information must be understandable and must be able to be used over and over again,' Grimes said.
To ensure data interoperability, DOD is moving more toward communities of interest, including one recently set up in the maritime community with the Coast Guard, Navy and other agencies. Grimes said the Office of Management and Budget is paying close attention to how these communities succeed.
While information sharing is important, Grimes said most of DOD's efforts are to ensure all data is secure.
'We have seen a huge increase in targeted incidents over the Internet,' he said. 'We are under attack 24 hours a day, seven days a week, and we are starting to share information on cyberattacks or holes with DHS, and they are sharing back.'
Grimes illustrated DOD's challenges with statistics such as:
- 46 percent increase of hackers altering DOD Web sites
- 28 percent increase in e-mail scams
- 250 percent increase in malware.
He also pointed to recent attacks that took down the National Defense University's system and another attack on the Army's Fort Hood in Texas.
'The Army spent about $50 million to $60 million to bring their sites up after the attack,' Grimes said.
To meet these challenges, DOD is relying on enterprise security solutions such as public-key infrastructure with the Common Access Card and patch management software, he said.
DOD also is working with the Office of National Intelligence to develop standard security policies and uniform reciprocity agreements to accept certification and accreditation of each other's systems.
Grimes also said the Global Information Grid information assurance portfolio is how DOD is moving to the next generation security technology.
'We are tagging data, and it will go into our service-oriented architecture,' he said. 'We are on that road and pushing hard.'