Federal CyberBytes Issue Brief #4: David Spirk, Michael Overstreet
DOD Data Strategy: Beyond the First 90 Days
The DoD’s new Data Strategy promises to increase operational advantage and efficiency with a data-centric approach. On the Billington Federal CyberBytes podcast, we spoke about the future of this initiative with David Spirk, Chief Data Officer, DoD, and Michael Overstreet, Senior Security Architect Manager, Cisco.
David described the DoD’s first-year strategy goals as ”operationalizing” the DOD data strategy.
“We’ve made some significant progress in identifying actual things that we’re going to do and then striking out in doing those. I’d say the most important thing up front is building the team of data professionals in the department. We’ve spent a lot of time ensuring that we have the community of interest right, ensuring that we know the MilDep Chief Data Officers – Eileen Vidrine [Air Force], Tom Sasala at Navy, Dave Markowitz at the Army, and even the COCOM Chief Data officers – have a say in the priorities that we set, because they are a part of the solution that we’ll be driving towards. So we’ve spent a significant amount of our time just ensuring that that connective tissue between the data leaders in the department is understood.”
David also explained how the concerned agencies are coordinating on strategy.
“We’ve launched some new forums so that we can prioritize and focus our time on the items that matter most in both the boardroom – the senior leader decision forums, inside OSD – and in the battlespace, and in those environments that are important to the warfighters. What we’ve been able to do is take that CDO Council, put up a big tent, bring the departments, agencies, field activities, everybody underneath it, but then still have and create smaller forums where we can uniquely focus on those challenges and successes of the variety of decisions and efforts that need to be empowered by data at Echelon. We still have the small group forum with the MilDep CDOs. Just last week, we hosted the first-ever Chief Data Officer gathering. And last week we held the inaugural FiveEyes chief data officer conference; it was spectacular. We decided that we’re going to continue that gathering every 60 days, and committed that when we can all travel, we will host those FiveEyes CDOs for an in-person gathering sometime in 2021.”
David told us the DoD’s greatest data security challenge is, “understanding, as we comport to some of the Open Data government standards, the challenges of re-identification in the mosaic effect. As we begin to aggregate data in data sets that previously were independent, we can start to bring together new and unique insights. Those insights are also opportunities for our near-peer competitors to target some of those same insights.”
When we spoke with Michael Overstreet from Cisco, he described the various tools provided to data stewards in the DoD’s remote workforce that help keep data secure.
“The first is an obvious tool, data loss prevention tools. But there’s also ensuring that when remote users connect to the network and access the data that they’re doing it in a secure manner; that the workloads or the applications that they’re running are also doing that in a secure manner, so that the data that they’re accessing is only the data that they need, and not more. And then finally, as other devices come on and off the network, we want to make sure that they’re having the least privileged access as well, and building out what we would call a program of Zero Trust. So you ensure that not only users, but workloads or applications as well as the devices on the network have the least privilege access.”
Our adversaries are growing in sophistication and strength. That’s why initiatives like the DoD’s data strategy are so important. We are eager to watch the progress of this important work.
We would like to thank Cisco for sponsoring this episode.