This interview is an excerpt from GovLoop’s recent guide, The DoD of Tomorrow, which explores how the department is transforming its operations, technology, workforce, and acquisitions process to confront 21st century challenges.
In an increasingly interconnected world, securing every network endpoint is a major challenge, especially for an organization as large as DoD. More connections, while improving communication, collaboration, and efficiency, also mean more vulnerability and a larger attack surface.
To explore the issue further, we sat down with Scott Montgomery, Vice President and Chief Technology Strategist at Intel Security. He discussed the challenges DoD faces in the evolving field of endpoint security, why DoD-accredited solutions are key, and how Intel Security’s solutions achieve security and optimize operations for mission success.
Overcoming Common Endpoint Challenges
According to Montgomery, when it comes to next generation endpoint security, finding the right technology is not necessarily the challenge. Instead, the slow pace of acquisitions and accreditation are major barriers to adequate capabilities. As a result, the DoD is working with the same technology they bought years ago. That’s a problem. “If you think about the pace of change in technology, there’s nothing from 2006 still in use today by anybody for anything,” said Montgomery.
The complex and evolving nature of endpoints makes aging tech even more problematic. “What constitutes an endpoint has changed pretty dramatically since DoD did their first contract for Host Based Security System (HBSS) in 2007,” Montgomery said. “Is a wearable an endpoint? Is a mobile phone an endpoint?”
If a device includes mission data, Montgomery argues it certainly constitutes an endpoint worth securing. Even a thermostat can be considered an endpoint. With so many connected devices, knowing how much of the IP landscape they can cover with just one system is going to be one of the biggest challenges DoD faces, said Montgomery.
Understanding DoD Needs
Intel Security is addressing these challenges by building solutions made specifically for DoD. “We built a vast array of technology that’s managed by the same single console that DoD is familiar with,” said Montgomery. “The cost to transition to the next generation of this technology, if they choose this option, is actually far lower than anything else. And for endpoints, we include those things that make the DoD different.”
That means serving specific DoD communities and their respective data needs with modular solutions. For example, a garrison at a fort would not need the intense amount of bandwidth that a tactical brigade using satellite communications would need.
“A lot of vendors don’t build for that crucible of the tactical community,” said Montgomery. “And we absolutely are ready to be there.”
Importantly, this past experience with DoD makes Intel Security solutions cost-effective. DoD can reuse existing infrastructure because Intel Security utilizes the same console for the technologies DoD is consuming today. On the other hand, the cost to roll out a wholly new solution would be “staggering,” said Montgomery.
“DoD can leverage what they already have. What they need to do is change the contract in order to encompass these new pieces of technology,” he said. “We’re the lightest fit-out of anyone from the cost standpoint, even considering the next generation endpoint opportunity, because we’re already there. We built a very modular system that can encompass a variety of different technologies in the same offering.”
Another benefit of this association is DoD accreditation. “Many vendors have built commercial offerings that have never been accredited in DoD,” said Montgomery. “Accreditation is a staggeringly expensive and difficult thing to do.”
Thinking Beyond Security
Once endpoint security solutions are deployed, vendors need to think outside the box. When every offering is a security offering, what other benefits are included? Montgomery cited freeing up resources and less “chair-swiveling” as some key benefits.
During missions, warfighters’ main focus should be on running the mission package. “If your information security and privacy system reduces the amount of overall effort on operations, you’re going to be more effective against the adversary,” said Montgomery. “In the tactical community, information security should be the last thing warfighters have to worry about. What they should be focused on is mission assurance.”
The solution should also reduce what Montgomery called “chair-swiveling.” Having multiple agents on multiple consoles is very time consuming. “They have to look multiple places in order to make a determination of what’s going on, make an assessment of whether it’s dangerous, and then act,” said Montgomery. “If we aggregated those functions in one console, the whole operation would be more effective. The unit would be more efficient because more of their time would be spent on analysis and mission assurance than on chair-swiveling.”
In the critical world of defense, every second counts. This is why next generation endpoint security solutions need to offer more than security alone. Improving operational efficiency for the warfighter could be the difference between mission failure and mission success.
Photo Credit: Flickr/ U.S. Department of Defense