The Pentagon Goes Shopping For A New Mobile Phone

Uploaded on 2015-09-24 in NEWS-Cybersecurity News, INTELLIGENCE--USA, GOVERNMENT-National, FREE TO VIEW

2014_11_FedTalks-560.jpg

Defense Department CIO Terry Halvorsen

The U.S. Defense Department made news last spring when Ash Carter became the first defense secretary in almost 20 years to visit Silicon Valley. In a media call Tuesday, Pentagon Chief Information Officer Terry Halvorsen told a handful of reporters what the Pentagon plans to learn from the private sector, including technology that could automate cyber response, and also provided updates on a plan to outfit parts of the Pentagon with Wi-Fi. 

Here are a few takeaways from that conversation:
1. Sometime in the fall, DOD plans to test out smartphones that can access top-secret information.
Halvorsen confirmed DOD is deploying the top-secret smartphones in the fall, but declined to provide any more detail on the efforts because, he said, “I don’t want people to know when we’re actually going live with those.” He added that the Pentagon has already done some preliminary testing on the phones and is ”continuing to see great results on that.”
2. By the end of fiscal year 2016’s first quarter, DOD plans to deploy civilian employees into Silicon Valley for 6-month rotations, Halvorsen said. This program, modeled after another program that sends military employees for year-long rotations in the private sector, is part of a series of efforts to connect with Silicon Valley tech talent, including a new Pentagon outpost in California, as well as $75 million investment in a coalition of companies and universities working on flexible and wearable electronic devices.
3. DOD is trying to adapt private sector cyber technology.  
The Pentagon is paying attention to cyber solutions offered by startups, Halvorsen said. “Many times they may have really good ideas, but in their initial format they just don’t scale,” he said. “What I’m working with Silicon Valley on, and what we’re trying to [find out] is ‘where do we do the testing to see if they will scale? First of all, where do we test to see if they really will work?’” He added the Pentagon wants to be able to complete pilot programs and tech experiments faster. ”But we also need Silicon Valley to be able to understand that when you can field a tool for 5,000 to 10,000 people, and there’s a market for that, I am not the market for that,” Halvorsen said. “ What I need to look at has to be able to scale to millions of people.”
DOD also wants to automate cyber defense. For now, officials are looking at the basics, such as automatically patching updates. ”At a certain point, I want to be able to have some cyber defense completely automated where a certain set of conditions occur, and the system takes its own response,” Halvorsen added. 

The Pentagon is keeping pace with Fortune 50 companies in terms of cloud adoption, Halvorsen said.
Commercial companies are using private and commercial, just as DOD is, he said. “We’re all trying to find what is going to be that hybrid sweet spot, and how much [data] do you put out there,” he said. 
Within DOD, as in the private sector, there isn’t going to be “one cloud answer . . . there’s going to be some stuff that goes into a perfectly commercial cloud, that’ll work,” he said. “There are going to be things that go into a hybrid cloud where it might be a partnership with the federal government and DOD, maybe federal and state governments.”
An incident in which computers in Pentagon’s food court were hacked, potentially exposing employee information, isn’t really the DOD CIO’s problem.  
“If the food court was hacked, that would not be the DOD that was hacked,” Halvorsen said, adding that he did not have any more data about the incident. 

But he said that plans to install Wi-Fi, including a guest network, in the Pentagon are moving forward and the network is on track to be operational by the end of December. The department is prioritizing major meeting areas and some common spaces. “The key part for us is having all of the sensors in place to assure me that I am using Wi-Fi in all the right ways, and then when I want to say, ‘OK, now turn off the Wi-Fi because I’m doing something else,’ I can be assured that the Wi-Fi is off,” he said.
DefenseOne:  http://bit.ly/1L2VD1j

 

 

 

« FBI Urges Firms to Plan For Cyber Attack
India and US Cyber Agree Security Pact to Combat Crime »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

HackerOne

HackerOne

HackerOne was started by hackers and security leaders who are driven by a passion to make the internet safer.

Silicom Denmark

Silicom Denmark

Silicom Denmark is a premier developer and supplier of FPGA-based interface cards for cyber-security, telecommss, financial trading and other sectors.

IDnow

IDnow

IDnow is the world’s fastest, most flexible and most secure identity verification platform, delivering instant verification of the identity documents used by 7 billion people.

Southwest Research Institute (SwRI)

Southwest Research Institute (SwRI)

Southwest Research Institute SwRI are R&D problem solvers providing independent services to government and industry clients. Areas of expertise include Cybersecurity, Intelligent Networks and IoT.

Activu

Activu

Activu makes any information visible, collaborative, and proactive for people tasked with monitoring critical operations including network security.

Cirosec

Cirosec

Cirosec is a specialized company with a focus on information security. We carry out pentests & audits and advise our customers in the German-speaking countries on information and IT security issues.

Datenschutz Schmidt

Datenschutz Schmidt

Datenschutz Schmidt is a service provider with many years of experience, we support you in complying with numerous data protection guidelines, requirements and laws.

ConnectSecure

ConnectSecure

ConnectSecure (formerly CyberCNS) is a global cybersecurity company that delivers tools to identify and address vulnerabilities and manage compliance requirements.

MainNerve

MainNerve

MainNerve helps secure networks, applications, people, and facilities… enabling businesses to reduce risk and increase their cybersecurity posture.

Strike Security

Strike Security

Strike Security offers a continuous penetration testing platform that combines automation with ethical hackers.

Accops Systems

Accops Systems

Accops enables secure and instant remote access to business applications from any device and network, ensuring compliant enterprise mobility.

AirDroid Business

AirDroid Business

AirDroid Business is an efficient mobile device management solution for Android devices, helping businesses to remotely control and access devices in large quantities using a centralized approach.

Threatsys Technologies

Threatsys Technologies

Threatsys’s Integrated cyber security process helps your organizations to ensure that it’s secure from any fraudulent attacks.

at-yet (@-yet)

at-yet (@-yet)

at-yet are an interdisciplinary team of experts. We are all about achieving results, whatever the situation – an acute incident, risk minimisation, safeguarding or data protection.

iTRUSTXForce

iTRUSTXForce

iTRUSTXForce is a global provider of DigitalX (cybersecurity, privacy, and digital trust) services. We offer comprehensive services that focus on delivering outcomes for our clients.

EyBrids

EyBrids

As a forward-thinking cybersecurity consulting firm, we believe that robust security is the foundation for innovation and growth in today’s digital landscape.