DOD to hold security stand-down
The one-day event will strengthen and call awareness to information assurance.
The Defense Department will hold a “security stand-down” Nov. 29 to focus on information assurance and network security.
Military and civilian employees at the major commands, services and agencies will focus on better protecting DOD data and systems. One step will involve changing passwords, said Air Force Lt. Gen. Charlie Croom, director of the Defense Information Systems Agency and commander of the Joint Task Force for Global Network Operations (JTF-GNO). He spoke Nov. 16 during a luncheon sponsored by the Washington, D.C., chapter of AFCEA International.
Croom said DOD will stand down on security the same way the services do when one of their aircraft crashes or experiences problems. He said the department will focus on enterprise security.
Strategic Command (Stratcom), the major command that oversees the operation and protection of the military’s networks, issued the security stand-down order the week of Nov. 7. DOD employees will conduct certain activities to strengthen and become more aware of network security, said Tim Madden, a spokesman for JTF-GNO. He declined to elaborate.
Croom said DOD networks are being intruded on. “The enemy is among us,” he said.
He added that some DOD officials are concerned about the amount of hardware and software manufactured overseas and whether they might incorporate malicious code. He said one way to fight the problem is to require companies to assure DOD that their products are safe and for the military to monitor them closely.
Croom said Marine Corps Gen. James Cartwright, Stratcom’s commander, told him to start directing actions on the networks. Croom said he has begun taking a proactive role to strengthen network security instead of collecting information about and getting status reports on DOD’s data systems.
The security stand-down comes three months after Federal Computer Week reported that China has been hacking into U.S. military networks and obtaining military secrets, including future command and control information. DOD officials are now considering new policy and acquisition initiatives to improve information assurance.
NEXT STORY: AEC debuts management software tool