The Defense Information Systems Agency hosted an Endpoint Security Summit at the agency’s Fort Meade headquarters Feb. 5-7, bringing together more than 250 Department of Defense endpoint security subject matter experts, system administrators, analysts, and users to discuss endpoint modernization efforts.
The three-day event gave endpoint practitioners and SMEs the opportunity to hear from DISA, the DoD Chief Information Officer (CIO), U.S. Cyber Command (CYBERCOM), and the Joint Force Headquarters – DoD Information Network (JFHQ-DoDIN) about policy and operational strategies that will drive significant change in 2019 and beyond.
Participants exchanged information about their efforts and endpoint approaches; presented requirements; discussed research, testing, and planning efforts; and explored options for an enterprise endpoint security solution.
“We’ve done a lot of work at the integrated product team (IPT) level,” said Diane Phan, DISA’s Endpoint Security program manager and summit host. “This was a chance to get everyone’s input and make sure that as a community we’re moving forward.”
Navy Rear Adm. Kathleen Creighton, deputy commander of JFHQ-DODIN, highlighted the timeliness of the event in her opening remarks. JFHQ-DODIN is a component command of CYBERCOM and its mission is global DODIN operations and defensive cyberspace operations-internal defensive measures.
“Endpoint security is a very important topic right now. At the senior levels, we recognize the value of a modernized enterprise solution,” Creighton said.
“There is an urgency to secure our networks effectively in a way that leverages efficiencies,” she continued. “We have to get beyond ‘we have to do it our way.’ We have to get to a common way – a common set of standards, so that we can secure the entirety of the DoDIN.”
While definitions vary, endpoint security typically refers to the measures or actions taken to address risks that remote devices, such as laptops or other wireless and mobile devices, present when connecting to an enterprise, or shared, network.
DoD endpoint security solutions involve an integrated set of capabilities that work together to detect, deter, protect, and report on cyber threats across DoD networks. Efforts to modernize endpoint security aim to achieve a more standardized, interoperable, and secure set of capabilities that strengthen integrated threat analysis, defensive actions, and command and control across the DoDIN – from boundary to endpoints.
Creighton challenged the audience to use the summit to take a holistic view of the DoD CIO’s strategic policy direction, combatant command operational requirements, and service and agency pilot efforts in progress.
“You’re going to need to figure out how all of these things interconnect and how they relate to your organization,” Creighton said.
The first day of the summit focused on policy and enterprise-level testing and developing efforts, including an update on the DoD Cybersecurity Architecture Review (DoDCAR), which has conducted a “greenfield” analysis of threat coverage to inform the future of endpoint security architectures, capabilities and solutions.
“We have to start moving faster,” said Carmen Santos-Logan of the Office of the DoD CIO. “We haven’t modernized our end user security platform. Now we have to move out and figure out where we’re going,” she said.
During the next two days the audience learned about the pilots and endpoint security efforts moving forward in the military services, combatant commands, and agencies.
“We received great response from the components that participated,” said Melissa Simpson, deputy chief of JFHQ-DoDIN’s Cyber Fusion Operations Team. “This forum has provided us the opportunity to build relationships and synergize with the DoD components in order to truly evolve endpoint security. Collaboration between DoD CIO, CYBERCOM, JFHQ-DODIN, and DISA is vital to the development of an endpoint security strategy and enterprise capability. Moving forward, we plan to continue this communication and strategy development within the weekly DOD Endpoint Security Operational Working Group.”