Cyber posture improvement

Department of the Navy Developing Guidelines to Boost Cybersecurity Posture

The Department of the Navy is preparing a recommendations list that would guide its efforts in shifting IT development priorities towards cyber readiness and DevSecOps.

The guidelines will focus on instating continuous authorization to operate procedures that are necessary for development cycle streamlining and network security. The department plans to use the guide to assist in implementing zero trust architectures.

Tony Plater, the chief information security officer at the Navy Department, said during Federal News Network’s The Connection Between Zero Trust and DevSecOps webinar that cyber preparedness is a key priority for the organization. According to the CISO, the agency should be able to respond promptly to cyber incidents and enable cyber-related acquisition at speed, GovCIO reported.

An internal review revealed that the DON’s current compliance model does not promote a good cybersecurity posture. As such, Plater said the Navy should focus on understanding cyber risks, threat locations threat priorities and actions.

Another element that the Navy should focus on is a culture change that would allow personnel to incorporate new operating principles.

Plater said the department will issue the guidelines, which will also include expectations for the services. It will be created through Black Pearl, a platform where teams will work together to establish guidance, policy and processes for cybersecurity.

Once the guidance is released, the department will introduce new cybersecurity programs within two to three months.