The Defense Information Systems Agency wants to improve the military’s cybersecurity posture in 2020 and that focus is evident in the agency’s top priorities for emerging technologies.
Stephen Wallace, systems innovation scientist at the agency’s emerging technology directorate, outlined 10 technologies for the upcoming year during DISA’s annual Forecast to Industry event Nov. 4.
The priorities include:
Assured identity. DISA is taking another look at how the Common Access Card, which currently operates as a point in time authentication, is used today. Over the next year, DISA wants to apply assured identity to its mobile and desktop devices. In addition, officials want to know how they can continuously monitor the user’s identity "in the background. “How can we build a profile of that user’s identity and their day-to-day actions,” Wallace said. “We’ve had a few successful prototypes so far and we expect to do more as time progresses.”
Automation. Wallace stressed that the agency has to apply automation to more workloads. He pointed specifically to data centers, where automation would allow him to increase efficiency on workloads.
Browser isolation. DISA wants to take a new approach to how it defends the Department of Defense Information Network (DoDIN) by taking a browser and operating it in a commercial provider, which then provides a “video stream” back to the user, Wallace said. DISA is evaluating two vendors for the capability in a test that includes 15,000 users, he said. The browser isolation project marked the first two times DISA used its Other Transaction Authority. DISA has rolled this capability out to all agency users, but has eight other partners testing the offering. The goal is to reach 100,000 more users in the next three to six months, Wallace told reporters at a round table. “This is just a test of technology and then we’ll go from there,” Wallace said.
DevSecOps. DISA wants to take the principles of DevSecOps, an approach to secure software development, and apply it to how it deploys products. Wallace said that with similar devices across the agency, it makes sense for DISA to treat the devices as code. By doing so, DISA can easily share information across its programs and be better prepared for re-accreditation of its devices.
Distributed ledger. Though Wallace said that DISA is on the “backside of that hype curve” on blockchain, he told reporters that the agency is testing distributed ledger in one of its data centers to “explore the technology.” Wallace said DISA has found some areas where the product is useful in the logistics realm with data set sharing, simplifying database management by removing the need for a centralized database access.
Artificial intelligence and machine learning. DISA doesn’t have a dedicated AI/ML office, but the agency is interested in the technology and has several use cases for the technology, Wallace said. The agency is using machine learning on some shared identity projects that are constantly validating user identity. “It’s a technology enabler,” Wallace said. “You will see it pop up in a number of things.”
Mobile/desktop convergence. With users spending so much time on mobile devices like tablets and laptops, DISA wants to allow employees to bring these devices into the office and work on them as a desktop. “The idea is that I can have that mobile device that I’m off working with, come into my office, drop it into a cradle [and] I get a full desktop experience and pick it up, walk away and get a full desktop again,” Wallace said. In the future, DISA wants to provide this service across classification levels.
Security orchestration, automation and response (SOAR). SOAR is an automated approach to cybersecurity and incident response and Wallace said DISA has several projects in this realm. “Our adversaries are better leveraging automation, ML/AI,” Wallace said. “We need to get more in the game of automating our response.”
Wireless transport. The emergence of 5G technology will provide DISA with the ability to provide faster network capabilities to the warfighter, Wallace said. DISA is exploring peer-to-peer communication capabilities brought on by 5G that will provide the warfighter to communicate better at the tactical edge. DISA is also looking at network splicing, in which network operators can designate specific parts of their networks for specific activities. Network splicing will allow DISA to “change the way that we basically ship traffic across the carriers’ networks," Wallace said. DISA want to use the technology to harness the faster compute capabilities at the edge that will come with 5G.
Zero trust. Under DISA’s current approach to network security, Wallace said, the agency uses the user credential to identify the user and then places them in the network depending on where they are coming from, like the internet or the DoD’s internal unclassified network. Under a zero trust framework, DISA would add new indicators to verify user identity, like the device the user is using, the time of day and the credential. “We think that we can take many of those concepts ... and apply [them] to what we do for the department,” Wallace said.