DOD official: Automation can save Pentagon from drowning in data

The Defense Department must do more to take advantage of automation tools to avoid drowning in a sea of network data and risk missing cyber threats, according to a top department official.

“Right now, we buy a system for every use case, so we’re probably generating a lot more information than we need to,” Patricia Janssen, director of cybersecurity planning and implementation in the DOD CIO’s office, said Monday at the RSA Public Sector Conference in San Francisco.

“How do we bring all that data together to help us manage and identify our vulnerabilities and our weaknesses?” Janssen asked.

Automation tools can help DOD cut through the “noise” of unneeded data, she said at a panel discussion of continuous monitoring for cyberthreats. The department’s thousands of computer systems make automation imperative to keep those systems patched and identify insider threats, Janssen added. Training staff to carry that out manually simply isn’t feasible, she said.


Automation will help with risk management in that officials will be able to “make more timely decisions throughout the lifecycle of the system,” Janssen said.

A civilian-agency cybersecurity program known as continuous diagnostics and mitigation (CDM) offers a system of sensors and dashboards for a clearer view of network vulnerabilities.

Kevin Cox, the program’s manager at the Department of Homeland Security, said CDM can help agencies prioritize patching for acute threats like the WannaCry ransomware and the Spectre and Meltdown computer chip vulnerabilities. CDM tells agencies what protections are already in place and thus what additional measures need to be deployed, he said.

Christian Neeley, a partner at Deloitte Cyber Risk Services, preached patience in implementing continuous monitoring tools and reaping their benefits.

“Continuous monitoring is not a one-time capital investment,” Neeley said. “Even when you make iterative progress and have a good scorecard all the way, you have to keep your eye on the ball in the five and 10-year period to really achieve the full benefits.”

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.
