Scott Pleus: DoD Must Implement Data-Centric Cybersecurity Approach

Scott Pleus
Scott Pleus

Maj. Gen. Scott Pleus, director of air and cyberspace operations for the Pacific Air Forces, has said that the Department of Defense needs to develop nonproprietary and high-security data architecture to keep up with industry.

Pleus wrote in a Fifth Domain piece published Wednesday that the DoD’s cybersecurity approach is “outdated by industry standards” and does not support the implementation of artificial intelligence, big data and machine learning.

He said the Pentagon must apply a data-centric approach to security instead of focusing solely on protecting networks to balance confidentiality with data accessibility and integrity.

According to Pleus, strong encryption and authentication tools, behavior-based security technologies and greater access to DoD-wide data sources will help the department shift its focus toward data-centric security.

DoD must also work with the private sector to leverage new technologies such as 5G and low-Earth orbit communications as well as approaches like zero-trust security and blockchain, he added.

“To take advantage of this growth, we must continue to institute new approaches to design, funding, implementation, and operational agility,” said Pleus. “We must rid ourselves of antiquated policies that drives checklist driven risk management processes and inhibits adoption of industry cybersecurity best practices.”

You may also be interested in...

Cyberattacks Prevention

DISA Shares Recommendations to Prevent Cyberattacks; Vice Adm. Nancy Norton Quoted

The Defense Information Systems Agency (DISA) has provided recommendations to mitigate cyberattacks at the workplace and home as part of the National Cybersecurity Awareness Month. DISA said Friday that it advises the public to update software tools, employ strong passwords and run antivirus software. The agency has also recommended to avoid sharing passwords.