The Defense Department’s Comply-to-Connect, or C2C, program will play a critical role in improving the security of defense networks in the years ahead. The goal is to create an automated process for verifying that every endpoint device is authorized and meets critical security requirements before allowing it to access the network — and ensure it stays in compliance. But to work effectively, C2C hinges on automating an array of cyber capabilities, such as assessment and monitoring, authentication and authorization, incident response, and inventory reporting.
“Whether we’re looking at C2C … or whatever is on the horizon beyond that, we’re in this state now where a solution to a problem is never just a single product,” said Chad Mitchell, a Systems Engineer for U.S. Public Sector at Cisco. “It’s always going to take an integrated solution.”
The payoff, however, can be significant. C2C processes generate a wealth of data that, pulled into a central repository for reporting requirements, provides unprecedented situational awareness on all aspects of the infrastructure, said Kevin Brownstein, Senior Manager for Security Solutions Architecture at Splunk, a Cisco company. Beyond compliance, C2C supports “fundamentally good cyber hygiene practices,” he said.
In this video interview, Mitchell and Brownstein discuss how agencies across the public sector can build on the C2C vision. Topics include:
- The core components of a C2C solution
- The value of a C2C solution for civilian agencies
- Best practices in implementing C2C
Leave a Reply
You must be logged in to post a comment.