21 November 2021

DIA details push to modernize top-secret network amid 150% uptick in cyber threats

BRAD D. WILLIAMS

WASHINGTON: The Defense Intelligence Agency’s chief information officer detailed today the extensive modernization initiative underway for the Joint Worldwide Intelligence Communications System, or JWICS, which is the top-secret network for the entire federal government and probably the DIA’s most recognizable brand.

Doug Cossa, who has been in the DIA CIO role for six months, said the agency is currently involved in significant “investment in and recapitalization of [the JWICS]” focused on updating equipment, building out cybersecurity tools, and optimizing use cases.

JWICS is the government’s network for hosting Top Secret and Sensitive Compartmented Information, where the Defense Department and the Intelligence Community store their most confidential intelligence. The general public gained wider awareness of the JWICS in 2010, after Chelsea Manning took highly sensitive information off the network and then leaked it to WikiLeaks. The next year it was the network that allowed then-President Obama and his team to keep up with the raid against Osama bin Laden in real time.

When it comes to refreshing equipment, Cossa told GovConWire’s Defense and Intelligence: IT Modernization Forum that the JWICS architecture is old, with some parts dating back decades, and so the push now is to modernize. This also involves building in additional network redundancies and expanding bandwidth.

The second area involves adding more advanced cybersecurity capabilities on the network, including bulk encryption and zero-trust security enabling tech.

“The most dynamic environment we operate in is cyber,” Cossa said. In just the past few years, “we’ve seen a 150% increase in cyber threats.”

To address the cyber challenge, Cossa has embraced zero-trust security. “Zero trust is a concept,” he said. “There is no blueprint for how you do it. It’s a journey.”

Cossa said he’s looking at zero trust-enabling tech across the IT stack, from data encryption and network access control (such as Comply-to-Connect) to behavioral-based and traditional network vulnerability detection.

The third area involves optimizations for new and existing use cases, such as mobility, in addition to artificial intelligence and automation to enable network self-healing. “I think the real value of automation will be self-healing networks,” Cossa said.

In addition to JWICS and the DIA’s other networks, Cossa said his priorities are people, building a DevSecOps pipeline, and delivering new applications to end users. He said the Defense Department’s move to a multi-cloud environment will provide DIA more flexibility.

He also offered some general wisdom about IT and shared how he makes decisions from his perch as the CIO of a premier intelligence agency.

First, he said, he focuses on interfaces, the points at which people and tech interact. From an IT and engineering perspective, he said, “Everything fails at an interface. That’s true technically, and that’s true socially. Anything you can think of fails at an interface.” This highlights the need for clear requirements, he said, because “IT is a system of systems,” and it’s necessary to get requirements right and to maintain an “obsession with why things fail.”

The second consideration is simplicity. Here, he referred to the famous chef Anthony Bourdain’s observation that successful restaurants do three things: Know their customers, know what their customers want, and offer what their customers want in a simple menu. Cossa said that’s the philosophy he applies to IT and has developed a simplified menu of IT options for DIA and its customers, noting, “One of the biggest challenges I have as an IT leader is remaining focused on what our customers need.”

The third consideration is viewing IT through an evolutionary perspective and “building on the bright spots,” which he likened to the “flywheel effect.”

“I hear more about IT revolution than evolution these days, but I think IT is more evolution,” he said. Tech has only leapfrogged forward exponentially several times over the past two centuries, he noted. Most of the progress is not that dramatic, but rather “a series of evolutions.”

No comments: