The Department of Defense Intelligence Information Systems (DoDIIS) conference took place in mid-December in Phoenix, AZ. It was great to reconvene with many colleagues we hadn’t seen in quite a while.
Themed Foresight 20/20: Building a New Digital Ecosystem, the conference explored the urgency of discovering and adopting innovative and disruptive technological advancements to maintain strategic advantage over U.S. adversaries. Pursuing that goal depends on expanded collaboration and partnerships; that spirit was certainly present among the expert attendees focused on defending our nation.
Raising the Security Bar
A few trends at the show stood out for us. One was the widening embrace of Raise the Bar (RTB) requirements from the National Security Agency’s (NSA) National Cross Domain Strategy and Management Office (NCDSMO). Per the NSA, RTB is a strategy for improving the security and capabilities of all cross domain solutions (CDS) used to protect U.S. government classified information or sold for export to Five Eyes and other foreign military sales partners.
Cross domain solutions provide a controlled interface that prevents malicious or inadvertent transfers of data between organizations and networks operating at different security classifications. Given the high level of interest we experienced, conference attendees’ understanding of CDS’ value is clearly deepening, as many are looking to leverage this highly secure technology to expand their information sharing and collaboration.
While there had previously been hesitation around adopting RTB, this year’s DoDIIS also revealed a shift in the outlooks of defense and intelligence organizations regarding RTB’s value potential. That may be in part because the NCDSMO is engaging in more proactive outreach to government programs that would benefit from RTB adoption. Also, those not following RTB guidelines face increased risk of losing their Authority/Authorization to Operate, or worse, a preventable security breach.
Owl is proud that our CDS products have long met RTB’s rigorous standards. We build CDS components that include RTB’s required data verification and hardware separation methods and are tailored to meet specific mission requirements.
Another key topic at DoDIIS was the convergence of Mission Partner Environment bi-lateral partnership connectivity to a common operating infrastructure, while also establishing new Common Data Fabrics. Both of these efforts are being impacted by the RTB “high threat network” (HTN) touch point needs for hardware-enforced separation capabilities. (High threat networks are those where cyber hygiene is unknown and bad actors are assumed to be operating.) Owl’s data diode solutions are being deployed at those HTN touch points to help address both bi-lateral connectivity and the emergence of Common Data Fabrics.
Enabling Secure, Flexible Communication with DFDL
The biggest advantage of cross domain solutions is to securely share information with other entities and connect to other networks, even those that may be considered high threat. Along with the growing interest in CDS solutions, we also observed DoDIIS attendees’ attention to adopting the Data Format Description Language (DFDL) to efficiently support new data and message formats as threats evolves.
DFDL is a modeling language for defining the structure of general text and binary-formatted data independently from the data format itself. It’s useful for supporting new file and message types applied in CDS like Owl’s XD Series. By supporting DFDL, new message types can be efficiently adopted without changing any code in the CDS, quickly increasing flexibility in cross-platform communications without requiring extensive certification testing.
Owl supports DFDL in our products for specific agency requirements, and also trains IT teams on how to develop and maintain their own DFDL schemas. In fact, Owl’s Principal Engineer is the Co-Chair for the DFDL working group and led the DFDL evaluation for the NSA.
Advancing Cross Domain in the Cloud
Another hot topic at DoDIIS was enabling CDS as-a-service capabilities in cloud environments. As demands grow for collaboration and data sharing across different networks, many agencies and even government contractors don’t want to purchase, house and maintain dozens of CDS servers onsite. Instead, the as-a-service model allows them to access what they need when they need it, and easily renew and expand annually to meet their needs. The growth of classified cloud environments from major providers like Oracle, AWS and Microsoft provides easy adoption opportunities.
Owl solutions are ideal for protecting the data ingress and egress points at the edge of the confidential, secret, or top secret data centers where cloud instances are hosted. Additionally, connecting cloud instances at different security levels requires a CDS. To scale the CDS services, filtering needs to be cloud-native so that it can adjust to dynamic workloads, with boundary devices that verify the filtering’s efficacy. Owl’s wide range of filtering capabilities (from FMV, VOIP, VTC, complex data like Office documents and PDFs, and structured data), along with hardware-enforced boundary separation, provides a compelling solution for various cloud requirements.
It’s Time for Teamwork
Perhaps the most important takeaway from DoDIIS 2021 was partnership. The objective of Building a New Digital Ecosystem for our national defense is an enormous undertaking that mandates extensive cooperation across the public and private sectors. Highly secure standards like Raise the Bar and technologies like cross domain solutions will help our Intelligence and Defense agencies and the businesses who serve them to more effectively pursue that aim.