5 December 2015

LTG Alan Lynn on DISA's role in securing DoD networks

http://www.c4isrnet.com/story/military-tech/omr/disa-vision-guide/2015/11/23/ltg-alan-lynn-disas-role-securing-dod-networks/76007290/

Army LTG Alan Lynn was named director of the Defense Information Systems Agency and commander of the Joint Force Headquarters-Department of Defense Information Networks (JFHQ-DODIN) in July 2015 and has been in those roles for three months. As such, he leads an organization and activities focused on organizing, training and equipping the military and civilian personnel who secure, operate and defend the government’s crucial information networks. Overseeing a host of innovative security engineering and efficiency initiatives, he shared his thoughts and plans for the future in these written responses to questions provided by C4ISR & Networks.

C4ISRNET: What do you want to achieve in your tenure at DISA?

LTG ALAN LYNN: I’d like to increase the value of DISA and there are a number of ways we can do that. One is through reducing costs to our mission partners. We’ve been successful in doing that in the past year by reducing our costs by about 9.3 percent. I expect to get down by at least another 7 percent in the next year. But we’ve got to get more efficient.

I would also like to increase our partnerships with other agencies and industry to increase innovation. I have some ideas on that; for example, I’d like to build more resilient infrastructure to defend against cyberattacks.

I have a lot more energy and ideas than that, but my tenure here is short, so I want to get the biggest bang for the buck for the Department of Defense.

C4ISRNET: You have talked about two initiatives: resilient networks and 100-percent assured identity on wireless networks. Can you tell us more about that?

LYNN: This gets into the increased partnerships with other agencies and industry. We’ve been in contact with Defense Advanced Research Projects Agency and with the National Security Agency Commercial Solutions for Classified program and also our good partners in industry that we work with all the time on cyber protection. I think now is the time when industry is starting to think about how to better defend themselves from cyberattacks. Obviously, in the Department of Defense we’ve been ground zero for a lot of the attacks over many years and we’ve gotten very good at defending our networks from cyberattacks. We all are at a point where we can share new capabilities and innovate better network protection together.

There are a lot of interesting things that are being done in DARPA, by our partners at NSA and here in DISA. We just need to bring it all together to build something that not only can be used in the Department of Defense, but I believe can be used more broadly across the United States and with industry.

One has to do with building out the ability for assured identity. At DoD, we use the Common Access Card and it really does help to protect the networks. We need to go to the next stage and are beginning to do some of that now. One example is our development and use of derived credentials that we are using on some of our commercial cell phones now. We don’t need the CAC sleds because the device itself has the derived credentials. That’s part of building better identity management directly into the equipment. I think it’s critical to the future success of the fight against cyberattacks.

The other one is really near term. I see a lot of capabilities in building our networks using software-defined networking [SDN]. It’s currently available and will help us to reduce costs. More importantly, I think there’s an opportunity that if we use it correctly, we’ll gain the ability to morph and change our networks rapidly. That would make it nearly impossible to have a long-term persistent threat remain on our network; because our network could be built and then changed in a way that it can be dropped and built back up again quickly. That means applications and subscribers could be moved on a frequent basis, providing better protection.

I also believe that virtual desktop integration [VDI] will be useful in this area. It allows you to avoid bringing the Internet and email, for example, which are two major threat vectors, deep into your network. I believe SDN and VDI give us the ability to look at networks differently.

C4ISRNET: Can you tell us what the relationship is between DISA/JFHQ-DODIN/CYBERCOM/DoD CIO? How is that changing and what does that mean for the future?

LYNN: That’s an interesting question. First of all, there’s a lot of synergy between DISA and JFHQ-DODIN.

I wear both hats, as I am both the commander of the JFHQ-DODIN and the director of DISA. On the DoD CIO side of that equation, we have the mission to build, operate and protect the DISN, the Defense Information Systems Network, and we also have the requirement to provide the capabilities like those I’ve mentioned. I talked a little bit about derived credentials for classified mobile devices, but we are also developing classified up-to-secret commercial phones and that’s soon to be a top secret capability. So there is an innovation, there is a build function, and there’s a protect function.

Cyber Command is our senior command for cyber protection for the entire Department of Defense Information Networks and that includes a lot of coordination for cyber defenses with all the DoD Components, the military departments and agencies, as well as the cyber protection teams.

One place where you see the synergy between the two roles is the deployment of the joint regional security stacks. The JRSS is a capability that we are building out on the DISA and DoD CIO side of the equation. JRSS gives Cyber Command and JFHQ-DODIN sensors that provide the ability to see the network like never before, to engage in large data analytics to reveal activity on the network in a way we have not done before, in order to respond to threats in real time and to provide better protection.

DISA is taking on new responsibilities for government cybersecurity functions.

C4ISRNET: What is the way ahead for Encore III? What are the advantages and disadvantages of using a big contract vehicle like that?

LYNN: Encore III is on the horizon, as we plan to release the request for proposals in early December. The Encore II contract, which has been very successful, doesn’t expire until 2018. However, because it expires in 2018, we need to have Encore III in place in FY17 so that we can keep those capabilities going.

Encore II is a very important contract, worth approximately $12 billion, and I’ll tell you we have been working hard to develop an Encore III contract because it’s a significant contract as well. The spend limit for that large IDIQ vehicle will be more than $17 billion over a 10-year performance period.

In developing the strategy for Encore III, we have been partnering with industry, via an industry day and a draft RFP, really well, and they have brought in some truly great ideas that we have incorporated. We also have a lot of lessons learned from Encore II. One that comes to mind is to ensure we have small business opportunities. We have built a contract suite solely for small business competitions.

At the end of the day, the assumption for these types of IDIQ contracts is that commercial companies can do things cheaper than we can do for ourselves. So we are looking forward to this kind of great competition to drive costs down because as you know, like all of the Department of Defense, we are facing tighter budgets. It’s important for industry partners to understand that we need for them to provide these systems and services better and cheaper than we can do for ourselves.

C4ISRNET: I understand DISA is leading the implementation of Windows 10 for DoD. What does that say about DISA and DISA’s role in the DoD?

LYNN: I think DISA is a great teammate for all of DoD. The DoD CIO, Mr. Halvorsen, asked us to do this on behalf of the department. We immediately reached out to all the agencies and departments, especially our partners at the Joint Secure Host Baseline Working Group and the Air Force, to develop a team that’s going to work the Windows 10 Secure Host Baseline image that meets most everybody’s requirements and complies with the Security Technical Implementation Guide.

It’s important to get this right, because the closer everyone sticks to the image, the better our cyber protection. In other words, we will have a ‘known good,’ and any change that happens to that image will be noticed.

C4ISRNET: DISA is planning to offer expanded email box sizes in DoD Enterprise Email. What caused this change?

LYNN: We try to keep up with what is trending in commercial industry. We’ve seen a lot of growth in email box sizes and we follow industry trends when it makes sense for the DoD. What drove us to look at mailbox sizes was that we saw a number of individuals with a real need for larger mailbox sizes. Some of these people, because of their positions, need to keep almost everything they do in storage for auditability. So we listened to our customers and we are rolling out the services that they need.

C4ISRNET: What do you see as the future for DISA and JFHQ-DODIN in the next five years?

LYNN: I see DISA getting stronger in business processes and doing more end-to-end engineering of software-defined networks and virtualized capabilities to provide the more resilient networks, protected against cyberattacks. For JFHQ-DODIN, you know it’s still at initial operating capability, so in the next five years I definitely see it growing to fully operational capability, and really setting into play the large data analytics necessary to coordinate and synchronize cyber defenses across the DODIN.

C4ISRNET: Anything else you’d like to add?

LYNN: I’m really excited to see that the work we are doing for the Department of Defense is gaining the interest of industry and partners across the board. Because of this growing interest in what we are doing, we have an opportunity, more than any other time, to really form better partnerships, to provide protection and defense of our networks. And I think that’s good for the United States and good for DoD.
