In case you missed it...

Faced with growing, increasingly sophisticated cyberattacks, U.S. Cyber Command is working on a better way to develop, buy and deploy tools to cyber warriors who serve varied needs across the military. The Joint Cyber Warfighting Architecture is Cyber Command’s answer to organize disparate tools to foster a highly skilled workforce of cyber operators. We’ll explore the technologies the command needs for the cyber toolkit of sensors and data platforms for mission planning. And we’ll ask for an update on the command’s steps to address concerns about how to best integrate tools purchased throughout the military branches.

Defense leaders are all in on fast, simplified software rollouts. The idea is central to the strategy to keep pace with adversaries’ advances. Easy software updates for equipment are the new goal — instead of sticking with technology until replacement is unavoidable. And new capabilities reach service members faster through an agile approach that favors lean, rapidly made software with persistent updates, a change from long timelines for comprehensive software packages that can be outdated before implemented. Dedicated software factories, such as Air Force’s Kessel Run and Navy’s OASIS, use open-source development to quickly deliver improvements over legacy systems, and the Defense Department increasingly embraces this DevSecOps mindset with technology and cloud suppliers that create software for the military or run it for the DoD as a service.

The rise of cyber as a domain introduced new responsibilities and positions of trust across defense agencies. In recent years, lawmakers required each service to designate a top cyber adviser to provide insights on recruitment, training and readiness of cyber forces, acquisition of offensive and defensive capabilities, and cybersecurity supply chain risks. At the same time, chief information security officers — rare or nonexistent just 20 years ago — have become essential for operational vigilance and information integrity. With cyber leadership in the spotlight, we’ll hear from CISOs and cyber advisers on how they translate cyber policies for the battlefield.

With hackers getting better at disguising themselves as legitimate network users, the Pentagon wants to build its defenses on the inside, going beyond perimeter protections to keep adversaries out. The department advocates a zero trust cybersecurity methodology based on the premise that attackers will inevitably find their way in. The idea is that organizations should trust no one and verify everything: users, devices and standing access privileges. As the Pentagon’s top IT shop considers creating a portfolio management office to speed up zero trust adoption, let’s explore how software and cloud environments must mature to verify identity at each stop along the network: the router, the switch, the computer to the DoD’s common access card.