Information systems that are easy to integrate and build in cybersecurity practices at the foundation top officials' wishlist.
The defense industry needs to focus on developing technology that is easy to integrate and meets cybersecurity norms from the get-go, according to military officials speaking at the 2020 Army Signal Conference.
At the conference, hosted by the Armed Forces Communications and Electronics Association, officials urged industry partners to create products that build in standard security principles at the outset of development and allow for a wide range of use cases.
“Don't give me a bespoke, unique solution for one small problem, so that I can add it to the 42 other devices that I'm hooking up,” Brig. Gen. Paul Stanton, deputy director of operations for U.S. Cyber Command, said. “That’s not helpful.”
Stanton spoke Tuesday—the first day of the conference—on a panel regarding the importance of getting meaningful data to the front lines in real time. Figuring out how to create an information advantage faster than opponents is “warfighting 101,” Stanton argued, but it’s an area that needs improvement.
“How do I integrate these components? How do I design them such that they are intended to be integrated?” Stanton said. “These are some of the challenges that we need our industry partners to help us with.”
Speaking on the same panel, Maj. Adam Brinkman, deputy to the chief technology officer for the Army Special Operations Command, agreed with Stanton’s assessment. Brinkman emphasized the need for industry to make systems that integrate in order for their products to stay viable.
“The problem that we’ve actually, honestly had is making sure the technology we receive can be successfully integrated,” Brinkman said.
The Android Tactical Assault Kit, according to Brinkman, is a good example for industry developers to follow when it comes to creating solutions that fit the Army’s integration vision. Also known as the Android Team Awareness Kit, ATAK is an off-the-shelf software tool with 40,000 users across the Defense Department. Brinkman highlighted ATAK’s availability to a community of developers and its open-source code as contributors to its success.
“What you have is essentially a meeting place where people can develop and create tools for you to quickly integrate into your environment,” Brinkman said.
Vice Adm. Nancy Norton, head of the Defense Information Systems Agency, said in Wednesday session that innovation in the information technology frontier is not just about creating new technology but about making sure the full potential of that technology is realized.
“We have all kinds of technology that we don’t use, that we use 5%, 10% of the capability that’s in it,” said Norton, responding to a moderator question. “We have to figure out how to actually use the capability that’s embedded in the technology.”
A key to making information systems that are easy to integrate is building security protocols into tools from the very start of development, Norton said. As customers, DISA and the Defense Information Technology Contracting Organization are looking for IT providers that are able to meet standards such as the Cybersecurity Capability Maturity Model Certification, or CMMC, rather than pre-existing tools that add on security measures as an afterthought.
“The cost of adding on cybersecurity is tremendous,” Norton said. “And it just won’t work very well if you bolt it on at the end.”