The Navy’s Latest Cybersecurity Pursuits and How to Bring Your A-Game

The Department of Navy (DON) recently held its annual WEST Conference, this year with a strong emphasis on cybersecurity. The conference brought together key decision-makers from the Navy, Marine Corps, and Coast Guard, along with experts from various industries and government officials. The discussions were broad-ranging, covering topics related to naval warfare, technology, innovation, and cybersecurity.

Participants highlighted the most critical issues and solutions proposed by cybersecurity experts, including the latest trends and challenges faced by organizations. There were also informative presentations from experts on topics such as cloud security, artificial intelligence, and the Internet of Things (IoT). Data privacy and security, as well as the need for organizations to be proactive in their approach to cybersecurity, were further highlighted. The conference attendees acknowledged that the security of critical infrastructure could only be ensured through collaboration between government and industry. DON leaders repeatedly emphasized the importance of partnership and collaboration to strengthen cybersecurity capabilities and maintain a robust defense against cyber threats.

One of the main highlights of the conference was the keynote speech by Secretary of the Navy, Carlos Del Toro, who emphasized the importance of cybersecurity in modern naval warfare. He noted that the Navy and Marine Corps face a growing threat from cyber-attacks and highlighted the need for continued investment in cybersecurity capabilities to defend against these threats, including foreign adversaries such as China and Russia. Additionally, he emphasized the importance of building a culture of warfighting excellence, which includes IT professionals as part of its budget priorities. In the next several weeks, the Navy plans to release a new cyber strategy called Cyber Ready, which aims to transform how the Navy addresses cyber readiness while balancing the need to face new threats and maintaining a secure infrastructure.

In addition, several sessions and discussions at the conference focused specifically on cybersecurity progress and issues. These included sessions on the challenges of securing Navy and Marine Corps networks and systems, the role of predictive analytics/artificial intelligence in cybersecurity, and the importance of partnerships between government and industry to develop effective cybersecurity solutions.

During one session, titled "Navy Cyber Security Division, Office of the Chief of Naval Operations" with RADML Tracy Hines, the Director of the Navy Cyber Security Division, the need to secure the Navy's presence in cyberspace while maintaining maritime dominance was discussed. She explained that cybersecurity is critical to the Navy’s operations and infrastructure and that cyber readiness is synonymous with mission readiness. RADML Hines also discussed the need to shift from a compliance-based approach to a readiness-based approach in cybersecurity. She mentioned several ongoing cybersecurity initiatives and the importance of modernizing infrastructure and encryption technology. Emphasis was made on the need for robust, secure, and reliable networks and the industry's role in being forward-leaning and prepared for future cyber threats. Additionally, she included the importance of investing in predictive capabilities and enterprise solutions, specifically data implementation and network modernization. She stated that predictive analytics can help identify precursor behaviors and anomalies and that investing in enterprise solutions will help the Navy become a data-centric organization that uses data for operational advantage and increased efficiency.

Another session focused on the Navy's adoption of DISA's zero trust framework for cybersecurity through Project Thunderdome. This project, which received funding from the DOD in 2021, has been implemented as a prototype with the Navy as its first and most enthusiastic mission partner. The Thunderdome prototype focuses on three key capabilities: zero-trust network access, cyber analytics, and automation. The project aims to move away from traditional perimeter defense and instead establish micro-perimeters around specific resources and applications. Users must authenticate every time they want to access a resource, and their device must be compliant with the Navy's security requirements. The session speaker, Julian Breyer, DISA’s senior enterprise and security architect, shared the challenges faced by DOD in deploying a zero-trust architecture. These included difficulties in writing policies that work with the new technology, achieving interoperability between different vendors' solutions, providing security for mobile platforms, and implementing endpoint credentialing solutions. Breyer outlined their roadmap for improving site designs, developing conditional access policies, and implementing a cloud access point for remote users. He also shared ongoing and future efforts to improve their security infrastructure, including the implementation of next-gen antivirus, security orchestration, and automated responses.

The conference highlighted the undeniable significance of cybersecurity in contemporary naval operations. Participants emphasized the necessity of sustained investment in cybersecurity capabilities and stressed the importance of collaboration between the government and private sector to foster innovative solutions. As the risk of cyber threats continues to escalate, it is evident that cybersecurity will remain a crucial focus for the Navy and Marine Corps moving forward.

If you're looking to sell cybersecurity solutions to the Navy, the WEST 2023 DON conference provides valuable insights into the Navy's cybersecurity challenges, initiatives, and priorities. Here are some tips on how to approach the Navy with your cybersecurity solutions:

1. Understand the Navy's cybersecurity challenges: The Navy faces growing cyber threats from foreign adversaries and insider threats. Their critical infrastructure must be secure, and their networks and systems must be resilient to cyberattacks.
2. Show how your solutions align with Navy priorities: The Navy is focused on building a culture of warfighting excellence that includes IT professionals as part of its budget priorities. They are also prioritizing partnerships and collaboration with industry to develop effective cybersecurity solutions. Your solutions should align with these priorities and demonstrate how your company can contribute to the Navy's cybersecurity readiness with seasoned IT members and/or partners.
3. Highlight the importance of modernization: The Navy is aware of the need to modernize its infrastructure and encryption technology to stay ahead of cyber threats. Your solutions should incorporate the latest technology.
4. Stress the importance of AI and predictive capabilities: These capabilities can help identify precursor behaviors and anomalies and enable the Navy to detect and prevent cyberattacks before they happen. Your solutions should include AI and predictive capabilities that can enhance the Navy's situational awareness and cyber readiness.
5. Demonstrate how your solutions are in line with naval initiatives. The Navy has encountered hurdles while implementing Project Thunderdome, so emphasize how your offerings can address those issues in your sales pitch. For instance, if your cybersecurity technologies can facilitate interoperability among various vendors' solutions, secure mobile platforms, and implement endpoint credentialing, then highlight these aspects as they align with the zero-trust framework. A new cyber strategy named Cyber Ready will be launched shortly, so it's crucial to comprehend and be aware of this new plan. Ensure that your solutions are in sync with this initiative and showcase how they can supplement and enhance the Navy's endeavors.
6. Provide a roadmap for implementation: The speakers outlined their roadmap for improving site designs, developing conditional access policies, and implementing a cloud access point for remote users. Provide a similar roadmap for the implementation of your solutions. Show them how your solutions can be integrated into their existing infrastructure and how they can be implemented over time to minimize disruption to their operations.
7. Emphasize ongoing support: The Navy needs solutions that are scalable and can be updated and maintained over time. Emphasize your ongoing support services, such as training, maintenance, and upgrades, to demonstrate your commitment to their cybersecurity needs.
8. Present evidence of successful implementations: The Navy wants to collaborate with vendors who have a proven record of successful implementations. Provide evidence of your company's successful past performance-based cybersecurity implementations and how they have benefited other organizations.

Selling cybersecurity solutions to the Navy is an exciting opportunity to contribute to their cybersecurity readiness. By understanding their unique challenges, priorities, and initiatives, you can align your solutions to provide valuable support to the Navy's efforts. Most importantly, make sure your solutions can make their lives easier and infrastructure safer. Providing evidence of successful implementations and addressing implementation challenges can also help anchor trust and credibility with the Navy. So, raise the sails and set your course for success!

To get more TD SYNNEX Public Sector Market Insight content, please visit our Market Intelligence microsite.
 

About the Author: Toan Le is a senior analyst on the TD SYNNEX Public Sector Market Insights team covering the Department of Defense and intelligence community.