This article originally appeared on TD SYNNEX’s official blog, HERE.
The Department of Navy (DON) recently held its annual WEST Conference, this year with a strong emphasis on cybersecurity. The conference brought together key decision-makers from the Navy, Marine Corps, and Coast Guard, along with experts from various industries and government officials. The discussions were broad-ranging, covering topics related to naval warfare, technology, innovation, and cybersecurity.
Participants highlighted the most critical issues and solutions proposed by cybersecurity experts, including the latest trends and challenges faced by organizations. There were also informative presentations from experts on topics such as cloud security, artificial intelligence, and the Internet of Things (IoT). Data privacy and security, as well as the need for organizations to be proactive in their approach to cybersecurity, were further highlighted. The conference attendees acknowledged that the security of critical infrastructure could only be ensured through collaboration between government and industry. DON leaders repeatedly emphasized the importance of partnership and collaboration to strengthen cybersecurity capabilities and maintain a robust defense against cyber threats.
One of the main highlights of the conference was the keynote speech by Secretary of the US Navy, Carlos Del Toro, who emphasized the importance of cybersecurity in modern naval warfare. He noted that the Navy and Marine Corps face a growing threat from cyber-attacks and highlighted the need for continued investment in cybersecurity capabilities to defend against these threats, including foreign adversaries such as China and Russia. Additionally, he emphasized the importance of building a culture of warfighting excellence, which includes IT professionals as part of its budget priorities. In the next several weeks, the Navy plans to release a new cyber strategy called Cyber Ready, which aims to transform how the Navy addresses cyber readiness while balancing the need to face new threats and maintaining a secure infrastructure.
In addition, several sessions and discussions at the conference focused specifically on cybersecurity progress and issues. These included sessions on the challenges of securing Navy and Marine Corps networks and systems, the role of predictive analytics/artificial intelligence in cybersecurity, and the importance of partnerships between government and industry to develop effective cybersecurity solutions.
During one session, titled “Navy Cyber Security Division, Office of the Chief of Naval Operations” with RADML Tracy Hines, the Director of the Navy Cyber Security Division, the need to secure the Navy’s presence in cyberspace while maintaining maritime dominance was discussed. She explained that cybersecurity is critical to the Navy’s operations and infrastructure and that cyber readiness is synonymous with mission readiness. RADML Hines also discussed the need to shift from a compliance-based approach to a readiness-based approach in cybersecurity. She mentioned several ongoing cybersecurity initiatives and the importance of modernizing infrastructure and encryption technology. Emphasis was made on the need for robust, secure, and reliable networks and the industry’s role in being forward-leaning and prepared for future cyber threats. Additionally, she included the importance of investing in predictive capabilities and enterprise solutions, specifically data implementation and network modernization. She stated that predictive analytics can help identify precursor behaviors and anomalies and that investing in enterprise solutions will help the Navy become a data-centric organization that uses data for operational advantage and increased efficiency.
Another session focused on the US Navy’s adoption of DISA’s zero trust framework for cybersecurity through Project Thunderdome. This project, which received funding from the DOD in 2021, has been implemented as a prototype with the Navy as its first and most enthusiastic mission partner. The Thunderdome prototype focuses on three key capabilities: zero-trust network access, cyber analytics, and automation. The project aims to move away from traditional perimeter defense and instead establish micro-perimeters around specific resources and applications. Users must authenticate every time they want to access a resource, and their device must be compliant with the Navy’s security requirements. The session speaker, Julian Breyer, DISA’s senior enterprise and security architect, shared the challenges faced by DOD in deploying a zero-trust architecture. These included difficulties in writing policies that work with the new technology, achieving interoperability between different vendors’ solutions, providing security for mobile platforms, and implementing endpoint credentialing solutions. Breyer outlined their roadmap for improving site designs, developing conditional access policies, and implementing a cloud access point for remote users. He also shared ongoing and future efforts to improve their security infrastructure, including the implementation of next-gen antivirus, security orchestration, and automated responses.
The conference highlighted the undeniable significance of cybersecurity in contemporary naval operations. Participants emphasized the necessity of sustained investment in cybersecurity capabilities and stressed the importance of collaboration between the government and private sector to foster innovative solutions. As the risk of cyber threats continues to escalate, it is evident that cybersecurity will remain a crucial focus for the US Navy and Marine Corps moving forward.