Army Colonel Greg Griffin (standing) spoke to the status of the JRSS program he manages during AFCEA’s Defensive Cyber Operations Symposium in Baltimore, Md., Thursday. DISA Twitter photo.
BALTIMORE, MD.—A Defense Department effort to further centralize its unclassified data sharing and traffic into less and more efficient networks is still on track for a 2019 rollout, despite facing security vulnerabilities, said the official in charge.
Speaking at the Armed Forces Communications and Electronics Association’s Defensive Cyber Operations Symposium, Army Col. Greg Griffin said the joint regional security stack (JRSS) program will have all 20 of its virtual gateways for information flow—from email to sensor data—built and ready by the end of next year, as planned. JRSSs are sets of equipment—servers and interfaces—running programs and protocols from firewalls to intrusion detection to enterprise management—taking many flows of information and combining them into fewer ones.
The program is a joint effort between DOD, the Defense Information Systems Agency, and involved military services. Eventually, the traffic and data flowing through JRSSs should allow software to catalogue and comb through everything, making available crucial data pertinent to a warfighter or combatant commander alike, no matter their branch or physical location.
“We’re pushing the bounds,” Griffin, the JRSS program’s portfolio manager, said about the nature and capability of the stacks, adding one of them “in particular” is having issues causing an operational impact. He was referencing a January 2018 assessment of JRSS’s Air Force iteration—version 1.5—which deemed the stacks too troubled to field and recommended suspending further deployments then.
“The JRSS, as fielded by the Air Force, is unable to help network defenders protect the network against operationally realistic cyber attacks,” the Director of Operational Test and Evaluation annual report reads. “This is because integration of the disparate commercial technologies is complex and the JRSS training and standard operating processes are not yet mature.” The DOT&E report lists undertraining and insufficient intra-departmental communication—between DISA and the Air Force as one example—as two reasons for the security risk.
“Air Force JRSS operators state that JRSSs are undermanned,” the report continues. “DISA Global is staffed for four stacks but manages nine, and the Air Force is at 50 percent manning for JRSS.”
Despite those warnings, the Pentagon’s acting information boss CIO Essye Miller said in late February the program will hit its 2019 mark, and Griffin towed the same line Thursday. He told Air Force Magazine he couldn’t share on which base the problem stack is, but said it’s one of 11 stacks in CONUS—not one of those abroad. Essentially, despite passing all commercial and industry standards for bearing heavy data loads, a unit in the affected stack is overwhelmed and failing. Griffin said the issue will be resolved through a two-pronged approach. From one end, specialists will research reducing the load on the stacks by mitigating the amount of passing data itself. From the other end, specialists will attempt to reconfigure the unit to be able to handle more data. Griffin aims to have the two efforts meet in the middle.
Currently, 14 stacks are fully operational across the continental US, Europe, and the Central and Pacific Commands AORs. The Army and the Air Force are top users of the stacks, with the Navy coming aboard the program for the developing version 2.0, tailored to its needs. Three additional stacks are planned for the Pacific Command AOR, but they’re unfunded at the moment and not included in the total 20 mentioned above. Additionally, 25 JRSSs are planned for DOD’s classified network, though that breakdown is necessarily secret.
The JRSS construct is in tune with various DOD initiatives to pull its information networks into the cloud, increasing its viability and accessibility. Critically, the program aims to reduce stovepipes across the military, which today translate to suboptimal visibility of potential adversarial activities. For example, if a piece of data traveled from one Air Force base in Texas to another in Alabama, only the Air Force has eyes on it, and even those eyes don’t always see everything. JRSS would make it “much easier” for all services to see that data and share it, if needed.
Long term, Griffin said Thursday, he looks forward to implementing artificial intelligence technologies like machine learning into the stacks. Identifying and combating nefarious actors is significant, but Griffin said he’s excited to be able to predict an attack and, theoretically, preempt it.
Before tending to futuristic ambitions, however, he’s going to have to mitigate present travails.