Pentagon planning for the next 25 years of cybersecurity
The Department of Defense isn’t just focused on the cybersecurity of today — it’s looking 25 years into the future.
The Pentagon’s undersecretary of research and engineering — essentially the department’s CTO — issued a request for information late last week, asking for help building out a roadmap of science and technology activities related to advances in cybersecurity over the next two-and-a-half decades in line with the 2018 National Defense Strategy.
The solicitation asks interested parties to help inform the Pentagon’s future cybersecurity guideposts by sharing “their R&D projections, technical capabilities, and demonstrated experiences in cybersecurity and cyberspace operations,” the RFI says.
The 2020 National Defense Authorization Act directs DOD to develop the roadmap in consultation with department’s CIO, the secretaries of the military services, commander of U.S. Cyber Command, director of the Defense Information Systems Agency, director of the Defense Digital Service and other top Pentagon leaders.
Subsequently, the Office of the Undersecretary of Defense for Research and Engineering — currently headed by U.S. CTO Michael Kratsios, who is on a detail from the White House — will be required to submit annual reports on cyber S&T starting in fiscal 2021.
Developed under the leadership of Daniel Ragsdale, principal director for cyber in the R&E office, along with a DOD cybersecurity community of interest, the roadmap will focus on three timeframes of cyber development: 2020-25, 2025-30, and beyond 2030. However, DOD is “most interested in cybersecurity and cyber operations technologies that will affect cyber S&T investments in the 2025-2030 timeframe (mid-term future),” the RFI says. The idea is the roadmap will give the department a well-rounded look into the future of defense cybersecurity, with an emphasis on those capabilities a few years down the road.
The department is interested in information around cybersecurity in a variety of areas, like national security systems, weapon systems, business systems, critical infrastructure systems, and enterprise and network systems.
Interested parties must submit any questions by Aug. 7. Final responses are due Aug. 21.