While the IC’s research organization looks into adding security to cloud environments, in the here and now, intelligence agencies are sharing more data.
The Army is embarking on an ambitious multiyear plan to enhance its network capabilities in the near- and midterm.
Over the next two years, the Army will focus on modernizing and migrating applications to government and commercial hosting facilities, analyzing plans to consolidate legacy communications in preparation for universal voice, video and data collaboration and refining the role of its cyberworkforce, among other things.
Starting in 2017 through 2021, the Army will continue modernizing applications and infrastructure to support cloud and Big Data analytics, integrate continuous monitoring solutions and enable users to access enterprise services on the Army network with their personal devices.
“The network must be secure, integrated, standards-based, with uninterrupted global access, enabling collaboration, enabling decisive action and doing that throughout all phases of the operations, across all environments,” Lt. Gen. Robert Ferrell, Army CIO/G-6, said Feb. 4 at AFCEA NOVA's Army IT Day.
In a series of new foundational documents released publicly on Wednesday, the Army defines its network modernization strategy and implementation guidance that will guide how the Army plans and executes network enhancements for its 1.4 million users.
The new documents build on efforts by former Army CIO/G-6 Susan Lawrence and Deputy CIO/G-6 Mike Krieger and have been under development for about a year, Ferrell said, noting that execution of the Army’s network modernization comes at a time when the service is downsizing and facing budgetary constraints.
The Army is working closely with U.S. Cyber Command and the Defense Information Systems Agency to ensure its cloud strategy meets defined security standards. Ferrell expects the strategy will be released in early March.
“We don’t want to go fast,” Ferrell said. The Army needs to define roles and responsibilities, how it wants to manage data in the cloud, whether to use commercial or government facilities.
“There are a lot of unknown questions that are [still] to be answered,” he explained.
The Army is waiting on lessons learned from DISA’s cloud pilots, which will help the service shape security and storage requirements for both commercial and government clouds. IBM and Amazon, which have met the military’s security requirements for hosting its Level 5 highly sensitive data and national security systems, are working with DISA to pilot capabilities that can be extended into the cloud, said Chief Warrant Officer Five Ricardo Piña, Army CIO/G6 Chief Technology Officer. Microsoft isn’t too far behind in proving it meets the military’s cloud security requirements, Piña said, adding that the number of approved vendors will increase.
How to procure those services is another issue that must be addressed. The Army’s Program Executive Office Enterprise Information Systems is working to identify a blanket purchase agreement to assist the service in buying commercial cloud services, he said.
As network capabilities expand, so must the Army’s skills to ensure it remains secure.
The service approved a new cyber career field and is now identifying people to assess into that field, Ferrell said. The Army’s Human Resource Command has assessed records of performance, experience and education to determine likely candidates to serve.
Initially, there will be 1,137 positions, including 609 enlisted, 196 warrant officers and 332 officers. Ferrell expects that number will expand to about 3,000 civilian and military positions.
The Army targeted two units to pilot the new career field — the 780th Military Intelligence Brigade at Fort Meade, Md., and 7th Cyber Mission Unit at Fort Gordon, Ga. There are individuals in these units — soldiers and civilians — who are performing the cybertasks now and may be assessed into the new career field.
Those who are assessed may require additional training, Ferrell said. The Army is considering all options for providing that training, including civilian and military education and training opportunities with industry.
“We’re going to asses what’s available in academia outside of the military,” Piña said. “We most certainly will have a cyberschool to train our cyberforce within the [Army].”