Navy Cyber Security Division Director: ‘We Don’t Want Stovepipes of Information’

This article is an excerpt from GovLoop’s report “The Foundation for DoD Innovation.” Download the full report here.

As one of warfare’s newest arenas, cybersecurity is already changing military IT networks. These networks must keep data safe from the latest cyberthreats or risk exposing it to adversaries.

Enter people such as Rear Adm. Danelle Barrett, the Navy’s Cyber Security Division Director, Office of the Chief of Naval Operations. Barrett – and other officials like her – work daily to keep the Navy’s networks safe from harm. These networks not only help the Navy share crucial information over large distances, they also help its leaders make smarter decisions faster.

During an interview with GovLoop, Barrett described the Navy’s cybersecurity challenges while modernizing its networks. Barrett also explained why modernizing these networks will drastically improve the Navy’s future operations.

Rear Adm. Danelle Barrett, Navy Cyber Security Division Director, Office of the Chief of Naval Operations.

This interview was lightly edited for length and clarity.

GOVLOOP: How is the Navy’s IT starting to complicate its mission as it ages in terms of network visibility?

BARRETT: The Navy can’t on a dime say, ‘Well, I’m going to buy a new network and install it tomorrow.’ It’s because we have ships all over the world, we have jurisdictions and we have, for example, legacy shore control systems. We’ve tried over the years to clinch together all these networks, because it’s impossible to go in with a homogenized network tomorrow and just replace everything overnight. It’s just not feasible. What we’ve tried to do, as best we can, is to make sure all these networks can share, talk and communicate.

However, sometimes different networks are funded and provided in different ways. Not everybody modernizes at the same speed or gets their funding prioritized to modernize at the same speed.

The challenge becomes dealing with legacy infrastructure and state-of-the art infrastructure. With legacy infrastructure, you’re dealing with things that may no longer be supported by a vendor, and then you must have other measures put in place until those can be replaced.

Say the replacement is for a control system on a ship. Maybe the hardware associated with that piece of gear isn’t going to get replaced on that ship until the ship is replaced. You’re going to have to deal with that legacy infrastructure regardless.

How can modernizing its networks help the Navy innovate with emerging technologies such as AI and IoT?

Unless my data’s right and I can move it around the way I need to, applying AI and popping on IoT devices isn’t going to work. We must have an infrastructure that’s end-to-end across the enterprise. It’s from the user through the cloud to whoever the other user is, or where a machine would be doing something with the data on the other end. We must have that in place before we can even apply those emerging technologies. We want that backbone in place so that it’s quickly adaptable to have things come on and off.

The important piece of doing that is to make sure that we are using industry best practices. Using industry best practices, commercial cloud, industry tools and open standards is important to us. We don’t want proprietary solutions, we don’t want stovepipes of information, or stovepipes in the way we provision or provide network technology or data. We want to be able to jump to the next best thing as industry jumps; we want to move with them.

Why would modernizing the Navy’s networks help it protect national security in terms of helping its personnel make decisions faster?

For both cybersecurity and national security, it’s what you do with the information that’s on the network that matters. For example, right now we have a lot of data out there that isn’t necessarily correlated well to make the best operational decisions. I can use machines to do the heavy lifting for me to find combinations of data that human brains don’t have the capacity for now, or that our networks don’t allow visibility in.

This data’s also secure so I can make an operational decision with confidence. I wouldn’t say that that level is in a place where we’d like it to be today, which is why getting the foundation of our house right, with regards to data and transportation, is so critical.

A capable adversary from a national security perspective is not going to be loud and proud exfiltrating gigabytes of data. No, they’re going come in at the waterline and they’re going to change your data just a little bit. That’s what we want to avoid.

Modernizing the network, imposing data standardization and allowing for AI will help our operators improve our national security, and it’ll improve our agility to move fast and to make decisions with confidence.

We’re doing many things that are cutting-edge. While we would love to move faster, it’s hard to move fast. The people who are going to have the information warfare advantage in the future are the people who can move fast with confidence in their information. We’re building the infrastructure at the foundational level to allow us to do that.