Army Sees Results as it Continues to Expand its Data-Driven Tools and Cloud Ecosystem

Keith Pannell/U.S. Army

Featured eBooks
The IT Modernization Mission
Read Now

Ransomware Threat

Read Now

What's Next For Government Cloud

Read Now

Federal Agencies Exploring Computing at the Edge

Read Now
Brandi Vincent By Brandi Vincent,
Defense Technology Correspondent

By Brandi Vincent

|

A senior official shed light on progress the branch is making in its modernization pursuits.

The U.S. Army is embarking on a deep, digital transformation that is enabling fresh access to commercial cloud offerings and more strategic and secure applications of technology and data. 

And Maj. Gen. Matt Easley has had a front seat view to that military-driving modernization.

“Army Vantage [an Army-wide data management program and platform,] is now being used by over 35,000 people worldwide to assist decision-making across Army echelons and is providing curated, authoritative data, dashboards, common operating pictures and custom tools for analysis,” he recently explained.

After serving for a couple of years as the director of the Army’s Artificial Intelligence Task Force, Easley was named as the branch’s director of cybersecurity and chief information security officer in mid-2020. Recently, he moved on from that role to serve as the deputy principal information operations adviser to the Defense secretary, within the office of the undersecretary for policy.

During his final days as cybersecurity chief, Easley briefed Nextgov over email regarding his time leading the office, and his expectations for the Army’s future.

NG: How would you characterize your leadership style as CISO and Cybersecurity director, and what kind of culture do you try to create to best meet mission demand?

Easley: Being the CISO of one of the largest federal agencies has really called me to use multiple leadership styles. The U.S. Army’s network, with more than a million users and a million endpoints, requires situationally dependent leadership philosophies. Foremost is transformational leadership. The cybersecurity landscape is evolving fast. New technologies are improving our information systems—everything from cloud to software-defined networking. As the internet connects more of our work environments, our homes and infrastructure, our attack surface is increasing and our cybersecurity solutions have to keep pace. Incremental change to highly manual cybersecurity processes won’t be sufficient to protect us against highly automated attacks. We have to transform our processes, technologies, and workforce to secure this new environment. 

At other times, I use a coaching style, especially to help my staff work through novel problems or to mentor rising soldiers and civilians. Finally, I hate to admit it, but I periodically have to use a bureaucratic style. Managing the cyber hygiene of all our information systems is required by federal law and an efficient, detailed-oriented, structured system of reporting is the only way we can really see the cyber landscape across thousands of systems.    

For the Army CIO’s Cybersecurity directorate, I’m really trying to encourage a learning culture.  As technology and cybersecurity paradigms change quickly, everyone in this space has to embrace lifelong learning.

NG: Can you highlight some of the work the Army is doing to develop, support and evolve hybrid cloud environments? And how does this fit into the Defense Department’s broader cloud-centered efforts?

Easley: Since we are a global Army with a wide and complex mission across multiple business verticals, from managing people, to hardware supply chains, to fighting wars, we know that we need a combination of multiple commercial public cloud environments supporting Internet as a Service/Platform as a Service /Software as a Service offerings, as well as private, on-premise cloud environments supporting our soldiers outside the continental United States and within the tactical domain. The Army has been employing a model for how we buy, secure and build cloud services for over two years now and each of those components has been designed to support a multi- and hybrid-cloud mission. A lot of what we learned with how we buy multi-cloud and how we have been securing public multi-cloud offerings [is] within cARMY, the Army's enterprise cloud environment that is helping inform how the Defense Information Systems Agency wants to structure Joint Warfare Cloud Capability and shape DOD policy around impact levels and distributed architectures. 

As we expand the cARMY footprint into the overseas and tactical domains, we are collaborating across the DOD around common needs of physical spaces for hosting cloud infrastructure in private, on-premise locations and commercial transport requirements, as we collectively experiment with operational use cases and share those lessons learned. We are also partnering on common design patterns of infrastructure that enable enterprise and war-fighting capabilities to be deployed seamlessly between public and private cloud environments with little to no reconfiguration needed.

NG: Can you provide a status update, maybe describe the evolution of tech and processes for allowing personnel to communicate at higher levels of classification and effectively in remote environments?

Easley: For communicating at higher levels of classification, the Army relies upon approved solutions from the National Security Agency. We are really looking forward to expand[ing] use of their commercial solutions for classified programs. 

NG: What are some of the ways the Army is securely using and applying data, right now, as a strategic asset?

Easley: The Army Digital Transformation Strategy outlines multiple initiatives to ensure that we are leveraging data for accurate and efficient decision making, from Army senior leaders at headquarters to soldiers at the tactical edge. For example, the Army will implement business intelligence protocols to prioritize, mature and scale our data management efforts to better enable access to large datasets.

In addition, we’ve made tremendous progress with Army Vantage, an Army-wide data management program and platform. Army Vantage is now being used by over 35,000 people worldwide to assist decision-making across Army echelons and is providing curated, authoritative data, dashboards, common operating pictures and custom tools for analysis. We’re also planning to establish standard accredited toolsets for artificial intelligence, robotic process automation and machine learning, as well as an enterprise data lake in Army’s cloud for use by all mission areas. Project Convergence and other defender series will continue to prototype and test the ability to leverage artificial intelligence and machine learning. These tools and efforts aim to help us extract quicker and more complex insights from the massive amount of data in our networks, systems and weapons.

NG: What are some of the major challenges confronted by defense entities as they work to implement artificial intelligence-enabled technology, enterprise-wide?

Easley: Two big challenges to implementing AI-enabled technologies include data and digital ecosystems. The world is pushing AI and machine learning systems because they can provide near-expert level recommendations in a wide variety of domains, from analyzing trends in time-series data to image detection and recognition. But to train and develop these systems requires lots of data, and to make these systems more adaptive and accurate, this data needs to be clean, standardized and timely. To get that data to a development environment to build, test, secure and deploy these algorithms, it requires a cloud-based digital ecosystem. This is one of the key points of the Army Digital Transformation Strategy and why it’s so important to support the efforts of the Army’s cloud: cARMY.

NG: The Army has a couple of responsibilities under President Joe Biden’s recent executive order on improving the nation’s cybersecurity. Please discuss those, and fill us in on any progress y’all have made so far.

Easley: The White House’s executive order on “Improving our Nation’s Cybersecurity” has two focus areas for every federal agency. The first is to continue pushing migration efforts to use cloud technology for our information systems. For the Army, it’s critical that we push systems to cARMY, the Army cloud ecosystem, so that cybersecurity professionals and our cyber defenders from Army Cyber Command have one, well-governed ecosystem to secure and defend.  Without a single ecosystem, the Army will have to manage, secure and defend a plethora of disparate systems, which increases our attack surface and the complexity of our reporting system, makes data less accessible and decreases our cybersecurity.

The other key area is to develop plans and policies to implement a zero trust cybersecurity architecture. Zero trust is not a single widget that you can go out and buy.  Instead, it is a cybersecurity paradigm to integrate a wide range of IT, data and security technologies into a more cohesive and robust system of systems. Zero trust is also a tiered approach to cybersecurity so that you can use stronger protective measures for more critical systems and data. The Army is already well along its zero trust path, developing the foundational piece to enable more robust zero trust capabilities in the future. We continue to modernize our identity, credential and access management system so we can have strong and more nuanced trust relationships between users, data and systems. We are implementing comply-to-connect to ensure each endpoint is properly configured before it is allowed to connect. If it is not, automated solutions correct its security posture. And this is only two examples. The DOD’s framework has seven pillars and the Army continues to access its systems for compliance against this framework.  

NG: How are you handling guiding people and military components on the use of encryption? Cybersecurity agencies and officials, for example, advocate the use of end-to-end encryption but note that it will not be possible for some agencies and departments (based on the need to preserve/maintain access to certain data for law enforcement/intelligence types). How is this balance particularly complicated by use of the cloud, and how are you approaching it?

Easley: Federal law is very clear on mandating the use of encryption for protecting controlled unclassified information across the government. This applies to both data at rest and data in transit. The federal government already has strong programs to enforce this through our risk management processes both internal to the DOD and in the defense industrial base. 

End-to-end encryption is possible both in the cloud and in interagency communications, but is only possible with enterprise-level identity and credential access management solutions. The key component to this is the federal government’s public key infrastructure. This allows us to tie the trusted identity of our workforce with encryption certificates. The cloud can actually increase this interoperability with its ability to create a virtual workspace on mobile devices so that the information is maintained in the cloud. 

NG: Based on the previous two years, what are some lessons learned that you'd like to share with your Defense colleagues or other agencies?

Easley: The pandemic has shown us the critical need for our enterprise systems to be available to access anywhere. From our office, from our home, from a training location or from a forward-deployed location. We cannot continue to have our tactical “warfighting” IT infrastructure and then a separate “enterprise” IT infrastructure. The zero trust paradigm will allow us to make access anywhere a reality. 

NG: What is something you are excited to work toward or accomplish in 2022?

Easley: It is really exciting to see the number of organizations pushing cARMY to develop more capabilities for the enterprise. This runs the gamut from just providing cloud-based infrastructure to software as a service. Teams are using cARMY now for project management, as a software repository and as our DevSecOps environment. The Army Futures Command Software Factory is using cARMY to train our new cohorts of Soldier developers as well as for Soldier-centered software development. 

NG: Is there anything else worth noting, or that you’d like to add?

Easley: As part of the Army’s Digital Transformation Strategy, the Army is continuing to assess its digital workforce for future capabilities. We just completed a zero-based review of our cyber-IT and our cybersecurity workforce at two major Army organizations: Army Cyber Command and Army Communications Electronics Command. That study found a good match between their current requirements and the workforce. We still need to assess future needs especially in the areas of artificial intelligence, data analyst and cloud computing and will push to get these jobs formalized in the DOD’s Cyber Workforce Framework.

NEXT STORY: Outgoing Official Pushes for CISA Shift from Risk Advisor to Risk Reducer

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.