DISA’s intelligence Director Speaks out
Earlier this year, Army Colonel Richard Leach Defense Information Systems Agency Director of Intelligence, spoke at the Digital Protection Summit in Washington, D.C.
His fireside chat, titled, “The convergence of cyber and identity security,” focused on the evolving cybersecurity threats the Department of Defense is facing. He emphasized the intersection of personal and organizational security as well as the threats and opportunities of Artificial Intelligence (AI).
The challenges of emerging technology
Leach opened by emphasizing how COVID and remote work changed the cybersecurity landscape. With employees suddenly working from home and using virtual private networks, these rapid changes, “became ripe objects for the adversary to look at.”
As people’s homes became their offices as well, Leach noted that a real danger came when people took the same approach to cybersecurity for both venues.
Most importantly, far too many people used the same passwords for home and work. Then, when data leaks occur, something as seemingly trivial as an employee’s streaming password being compromised could be the key hackers need to access an enterprise network.
Of course, remote work isn’t the only important development in recent years for cybersecurity. The rise of AI has been immensely impactful by decreasing the amount of technical expertise needed to carry out cyberattacks. For instance, the data leaks mentioned above were a problem before AI, but with AI hackers can comb through leaks for information on particular, high-value individuals faster than ever. In Leach’s words, “finding the needle in the haystack has become so much easier.”
Another example Leach offered was hackers using AI to find code that will break into internet connected consumer devices in homes, such as cameras, refrigerators and more. “The AI is really starting to be able to write that code for you. So I don’t have to be a super smooth state-sponsored hacker. I can be a script kitty sitting at home, typing that into ChatGPT and getting that back,” said Leach. According to Leach, hackers will then harvest as much personal data as they able to gather. As personal security is tied up with enterprise security, this data has become even more valuable.
As Leach said, hackers “get a two-for-one deal. One, they can go after us for our connections and what we do within the government or corporations – because corporations have people that are just as much targeted as DOD folks. Then on the personal side, those criminals will come back and say, ‘okay, what can I get off this individual? Either I can use his persona to go out and link with other people’s personas or I can just use it, go shopping or get credit cards.”
The solution
Put together, the outlook for cybersecurity can seem bleak. Nevertheless, Leach insisted emerging technologies also offer opportunities for greater defense.
For instance, while AI will result in more attacks, Leach emphasized it will also empower analysts to work faster. He said, “There’s no way I can hire enough analysts to sort through all of that, so we’re going to have to use those APIs and those large hybrid models to sort through the data.”
He continued by pointing to Thunderdome, DISA’s Zero Trust solution, as an example of combining different emerging technologies to increase security. In addition to adopting new technologies, DISA is adapting its approach to cybersecurity.
Leach said DISA is moving away from old models of cybersecurity built upon a castle and moat approach. Instead, DISA is prioritizing Zero Trust. Meanwhile, Leach is charging his team with two things: “know your network and think like a hacker.”
Finally, Leach emphasized that cybersecurity is a team sport. It’s on everyone to take cybersecurity seriously, which is why cyber education is so important. He said, “We’re constantly trying to educate the workforce on what are the proper cyber hygiene things they should be doing.”
access this direct infolink
Thunderdome
As the Department of Defense’s cutting-edge Zero Trust network access and application security architecture, Thunderdome is transforming the way we approach cybersecurity and network infrastructure. Comprised of a comprehensive suite of IT and cyber-based technologies, Thunderdome leverages enterprise Identity Credentials and Access Management (ICAM), commercial Secure Access Service Edge (SASE), and software-defined networking and security tools to provide unparalleled protection and reliability. This is a substantial shift for the DOD and delivers next-generation solutions for a safer and more secure digital landscape.
Unlocking the Power of Thunderdome
At the heart of Thunderdome’s revolutionary approach lies a robust arsenal of network fortification tools and cutting-edge segmentation technologies, setting the stage for an unparalleled level of defense against adversarial threats. How does Thunderdome achieve this remarkable feat? By redefining the very foundation of network security through a dynamic interplay of essential principles:
• Zero Trust Security Reinvented
• Elevated Security, Amplified Performance
• Identity-Centric Access
• Championing DOD’s Mandate
Fundamentally, Thunderdome transcends the boundaries of conventional security paradigms, ushering in a new era of defense, optimized performance and simplified administration. Join us as we delve deeper into Thunderdome’s intricate workings, and embark on a journey towards a safer, smarter and more secure digital frontier.
Why Thunderdome Matters
In a rapidly evolving digital landscape, Thunderdome emerges as an indispensable ally, offering a suite of capabilities that transcend traditional boundaries. What sets Thunderdome apart and makes it a must-have for the modern age? Here are a few of the compelling reasons that make Thunderdome an essential addition...
• Seamless Identity and Endpoint Synergy
• Simplified Access, Unleashed Cloud Potential
• Pioneering Zero Trust Compliance
• Allegiance to Higher Federal Mandates
• Elevating User Experience and Efficiency
• Choice and Flexibility for Mission Partners
• Revolutionizing Interoperability and Command
Thunderdome is the gateway to a future fortified against adversarial threats, powered by cutting-edge technology and aligned with the highest standards of federal mandates. Thunderdome is shaping a digital realm where security, performance and innovation converge to create a safer and more resilient future.