If the Defense Department were a static organization, cybersecurity and resiliency would be easy.
But the fact of the matter is the military services and DoD agencies are in constant motion, said Paul Kurtz, chief cybersecurity advisor and field chief technology officer at Splunk.
It’s clear protecting data and systems no matter how or where they are being used has become more important than ever. To that point, Kurtz identified four main challenges DoD faces when it comes to modernizing and securing data and systems when its users are in constant motion:
- Ensuring mobile device security
- Moving to a zero trust architecture
- Protecting against foreign commercial spyware
- Mitigating cyberthreats to the defense industrial base
“DoD always must be resilient. It must be able to operate in all sorts of different conditions. Think about the conditions that are out there, whether it’s on the water, or in the air, or in very rugged terrain where, I think, we take a lot of things for granted,” Kurtz said during Federal News Network’s DoD Modernization Exchange.
DoD Cyber Challenge 1: Ensuring mobile device security
“When we think about the operational environment for the military, how do those devices hold up? How do we know that they’re secure? How do we know that they’re not leaking data? Those are really, really important points, and mobility is only going to grow. We’re not going to become static and be sitting still fighting wars.”
Because servicemembers are expected to be in constant motion, their technology must constantly adapt to the environment they are in.
Kurtz said this is why the security of mobile devices is one of the biggest challenges for DoD right now.
“DoD has to ensure that their mobility devices, all types of devices, wherever they might be — in an aircraft, on a ship or wherever it is — need to be secure. They need to not only be secure, but they need to be robust, and they need to be able to operate in very, very rough conditions,” Kurtz said. “When it comes to security and resiliency, it really comes down to mobile devices. It is absolutely critical that they operate.”
DoD Cyber Challenge 2: Moving to a zero trust architecture
Whether DoD users connect to a cloud service, an on-premises data center or a hybrid setup to access data and services, the importance of implementing a zero trust architecture grows.
Kurtz said zero trust provides a level of assurance that users who need access to data can get that access.
“How do you stay on top of that architecture and understand that it’s actually doing what it should be doing, that you’re actually getting all the signals you need in order to understand that the network is healthy and that there isn’t something like a pervasive problem across the network?” he said. “If you think back to SolarWinds and how it brought a lot to us, making the need for the zero trust architecture far more real because we didn’t really have the insight we needed to understand how bad actors, such as in the case of SolarWinds and the Russians, were able to invade our networks.”
DoD Cyber Challenge 3: Protecting against foreign commercial spyware
Kurtz said the SolarWinds incident and others also point to the third challenge of ensuring the security of commercial software. He said DoD and the private sector have a much better understanding of what’s needed to protect these technologies.
“What we’re really trying to make sure is that our customers, whether it’s the DoD environment or a private sector environment, are operating systems as they should, and it’s only doing what it should be doing, and to be able to have that synoptic understanding of what is actually going on in the infrastructure when it comes to access controls, when it comes to people logging in or logging out,” he said.
“It gets down to the granular activity and being able to put all that data together. If you think of the universe that DoD operates in and the myriad of data sources that they operate with, making sure all that data is healthy — and it’s being used for what it is supposed to be used for — takes a lot of monitoring to fully understand. Is this network actually healthy? Can you prove it? That’s where a company like Splunk can be exceptionally helpful to a customer.”
DoD Cyber Challenge 4: Mitigating cyberthreats to the defense industrial base
Finally, the fourth challenge focuses on the technology used and provided by DoD’s commercial partners. How can Defense agencies be sure their contractors not only deliver secure technology but also safeguard the data that runs across those systems?
Kurtz said that with so much data traversing networks from so many different sources, DoD has to be able to rely on that information to make real-time decisions.
To do that, he said, the need for automation and artificial intelligence will continue to increase.
“We clearly use automation, and we are starting to use AI to make life easier for customers. On the automation side, for example, we use security orchestration, automation and response, or SOAR, which basically allows you to run playbooks to get to the bottom of a problem,” Kurtz said.
“When it comes to the application of AI, what we’re doing now is taking the very first steps into how we make life easier for the operator. Let’s say there’s a problem on the network. How do you summarize what’s actually happening? We’re using AI to do that in the context of security to offer a very quick and easy summary for an operator to see if that helps the human get to the bottom of the problem more quickly.”
Kurtz said if DoD can address all four of these challenges, then the resiliency and robustness of its networks and data will ensure a secure, accessible and dynamic environment.
Copyright © 2025 Federal News Network. All rights reserved.