Embracing automation for software patching is a vital component for federal departments and military operations in the future of cyberspace defense capabilities as it relates to information technology (IT) modernization, according to United States Marine Corps (USMC) cyber leader Dr. Ray Letteer.
Letteer, the chief of the Cybersecurity Division of the Command, Control, Communications, and Computer (C4) Department at Headquarters for the USMC, delivered the government keynote address at MeriTalk’s Gov Protect event on Wednesday in Washington, D.C., and challenged the attendees to embrace automation as a way of reducing human-based redundancies when it comes to protecting data.
“We are the biggest issue to the whole approach,” Letteer said. “Let’s not overcomplicate the system so we lose focus, because right now we are losing focus.”
Key components the USMC has adopted for addressing cyber security challenges include understand the physical environment where data is stored, making investments in IT expertise and not just the technology itself, and moving towards a formalized process for creating risk management frameworks. Most critical to finding success in cyberspace is automating data processing and software patching, according to Letteer.
“We have been doing this in Camp Lejeune for a little over three years,” Letteer said, speaking of the USMC training facility where his unit has been testing the Department of Defense’s Comply to Connect procedures for introducing continuous software patching configurations. “People were saying that you couldn’t really do this, that you needed a host-based security requirement for automation.”
Waiting for patches to occur and then fixing them in a reactive manner isn’t an engaging use of the cyber workforce, according to Letteer. The proactive measure would be to blend in automation.
“Why do I have to do so many things that are human-based? I am a passionate advocate of automation. This is a way to ensure that we meet the baseline,” Letteer said.