DISA director outlines areas where he'd like more cyber-help
- By Mark Pomerleau
- Nov 10, 2015
While the Defense Department has deep and extensive experience defending its networks from cyberattacks, Lt. Gen. Alan Lynn, director of the Defense Information Systems Agency, wants to work more closely with industry to improve those defenses and develop new ones.
Lynn spoke to a largely industry audience at a Nov. 10 event hosted by AFCEA’s DC chapter, and -- based on what he’s seen in his first 90 days as DISA’s head -- identified three specific areas where working with private-sector partners could bolster the government networks.
The first area is software-defined networks. The attraction for Lynn is the ability to move networks rapidly if need be. “Imagine networks that would spin up, drop, spin up and drop, and now you’re an adversary trying to get into a network that just dropped,” he said. It’s hard to launch persistent attacks on a “software defined network that’s changing all the time… So I want to get to that point where we’re developing something that’s really hard to attack.”
Second, Lynn said it would be helpful to use more virtual desktop integration. One of the biggest attack vectors is email, he said, where users click on links in a phishing email, and it opens them up to attack. “And the Internet, the actual touching the Internet … it’s dirty out there," he said. "The chances of bringing something back home with you is pretty good. ... VDI might be part of that solution where your actual desktop is not really touching the Internet.”
Lastly, making greater use of the commercial cloud can free up network space and limit the surface that needs defending. Lynn said he wants to “push some of our lesser networks that don’t have a lot of security parts back up to the commercial cloud, so that reduces the number of networks I have to really protect,” he said. “[Y]ou’re not trying to protect everything, you’re protecting what’s important.”
Mark Pomerleau is a former editorial fellow with GCN and Defense Systems.