DoD also has a litany of consumer devices running on its networks, from printers to video monitors and cameras to refrigerators. These devices are continually communicating with one another, as well as with higher headquarters all the way back to the Pentagon. Some observers call this the “Internet of Battlefield Things” (IOBT). The exponential growth of the IOBT is creating new vulnerabilities to cyber attacks at an alarming rate. Compromised IOT/IOBT devices are increasingly the “easy” way for attackers to get a foothold inside an organization’s network. Seven years ago, the DoD created Comply to Connect (C2C) as a way to secure its growing array of network endpoints. The C2C approach combines existing cybersecurity technologies with newer technologies to deal with the changing nature of DoD’s network architecture. The core tenet of C2C is understanding what devices and people are connecting to DoD networks and their security posture. The U.S. Congress has twice in recent years directed DoD to move forward with implementing the C2C capability. While the U.S. Marine Corps and U.S. Navy, as well as a few other DoD components, have moved forward with implementation of this program, most of DoD has not. I have written more about C2C here.
Find Archived Articles: