How the DIA Plans to Modernize Its Key Network
The first part of JWICS modernization involves a technology refresh, Cossa says. That means upgrading routers, switches, encryption devices and all the other IT equipment needed to support the commercial internet — just for a top-secret network.
Another part of the JWICS modernization involves making it available and accessible, in a secure way, to more points of presence around the globe.
“The world has changed,” Cossa says. “We’re now operating in more locations all over the world. So, it’s looking at new points of presence of JWICS, and areas that are remote that don’t necessarily have a strong commercial communications infrastructure.”
Beyond adding in new hardware, the DIA wants to build in redundancy and resiliency to JWICS. As the network has latency or communications issues, the DIA wants to ensure through redundancy that it has “smart routing, where we can route around those problems automatically,” Cossa says.
It also means having redundant network connectivity, so that if one form of connectivity goes down, another can take over so that there is no single point of failure in the network.
DIA is looking beyond terrestrial communications circuits and including physical fiber, 5G wireless networks and advanced satellite communications technology.
JWICS also needs to be resilient and responsive to complex intelligence demands, Cossa says, with multiple dependencies across the globe. In the 1990s, Cossa says, intelligence problems were simpler and not as multifaceted.
“How do we take JWICS to that next level?” he says. “That’s the challenge we’re solving. So, we’re keeping it going beyond just a steady state to JWICS operating in any scenario we can think of that the intelligence community and Defense Department might face.”
DIA Invests in Zero Trust for Cybersecurity
DIA is focused not only on modernizing JWICS but on ensuring data security for such highly classified information. Cossa notes that DIA operates not just the wide-area network for the intelligence community and DOD — JWICS — but also the local area network, the DOD Intelligence Information System.
As the DIA moves toward a zero-trust architecture, it faces unique complexities, Cossa says.
Cossa says that the DIA needs to ensure encryption and threat isolation in both environments. At the hardware level, it means users need to follow the Comply to Connect protocol, which is a new DOD approach to network security.
DIA wants to get to a point where it knows everything and everyone on the DOD’s networks. Cossa sees zero trust as a roadmap, and the next steps will involve implementing digital policies around network access control to get that level of visibility. The goal is to be able to escalate privileges and access as needed and enable interaction as the mission changes for any particular user, Cossa says. That means expanding and contracting the DIA’s networks as needed.