SAN DIEGO — The Naval Info Warfare Methods Command arrange its new cyber directorate final August with a aim of addressing cybersecurity in a extra complete approach.
The directorate is concentrated on three large priorities: Driving sooner adoption of zero belief, safe software program practices and implementing cutting-edge defensive applied sciences.
Rachel Bondi, the deputy director for the cyber innovation unit and chief know-how officer for mission programs afloat at NAVWAR, stated the directorate is absolutely attempting to enhance every leg of the cyber stool:
- Safe the enterprise
- Survive the battle
- Meet compliance necessities to cut back threat
“Most people think of cybersecurity as the risk reduction and compliance piece, which encompasses the risk management framework (RMF) and authority to operate (ATO) processes. But I like to think of that as going in and inspecting the building, is it up to code?” Bondi stated in an interview with Federal Information Community on the WEST 2026 convention, sponsored by AFCEA and the U.S. Naval Institute. “As we start to go through those exercises, a lot of it is very ‘check the box’ type of things that are asking ‘do you have the right things in place to be cyber secure?’ That risk reduction process is something that’s evolving now with RMFNext, and what we want to do is have all of our solutions automated so that would be happening in the background, with continuous monitoring and continuous ability to have orchestration and observability by our cyber operators.”
Bondi stated if the danger discount by means of compliance is achieved largely by means of automation, then the directorate can focus its assets on the opposite two missions of securing the enterprise and surviving the battle. She known as that “cyber firefighting.”
The Protection Division chief info officer has been on a course to explode the RMF as a part of a broad overhaul of its cybersecurity efforts over the previous 12 months. Whereas DoD has but to launch the replace to the RMF, the thought is to maneuver towards steady monitoring and steady authorization of programs.
Bondi stated NAVWAR is giving suggestions to the DoD CIO’s workplace on a few of the key elements that must be baked into the RMF Subsequent to maneuver sooner towards full automation of cyber defenses.
“If I think of what tool sets need to be deployed, a lot of what we’ve been working on is anything from zero trust systems up front, where it’s built in, to being able to have those orchestration tools, managing and monitoring to be able to meet the needs and also to provide non kinetic effects,” she stated. “What I mean by that is that the systems that we deploy have to be up to three measurements, not the RMF measurements, but how fast can we act that an adversary is in the system, how fast can we get them out, and then how fast can we return to normal? And those are the three measurements that we’re really concerned with in a future state.”
Vice Adm. Heidi Berg, the commander of Navy Fleet Cyber Command, stated on the convention that two key tenets of the DoD’s new CyberCom 2.0, which is concentrated on recruiting and coaching the present and subsequent technology of cyber staff, are threat and resilience.
Berg stated the Navy has to grasp tips on how to construct cyber resilience into applications from design to operations. On the similar time, it wants its cyber groups to higher perceive threat, utilizing information and instruments to visualise it and the way it drives funding selections.
“Understanding risk is one of the biggest and most important ways in which we can accelerate innovation and accelerate change,” Berg stated. “We have a lot to do across building mastery across our exquisite workforce, building cybersecurity and system resilience, taking known vulnerabilities and including them in the design of our hardware and fielding it, as well as driving multi-domain integration.”
Berg stated her command is taking a look at threat from each the design facet of programs that the Navy is fielding in addition to the dangers coming from adversaries attempting to get into their networks and programs.
“Oftentimes, we’ve got partners, both in the intelligence community, partners in federal law enforcement and in the interagency and in industry who can identify and see with their endpoints and their broader structure the threats and threat evolution in ways that we can’t within [DoD], so getting those lead turns with that that extended partner network allows us to better see what is happening,” she stated. “The point that I brought up about excepted networks is one that that I will hammer home. It’s a key area for 2026, how do we take networks that we’ve allowed exceptions for very good reasons, and bring them in so that we can both sensor and understand the data and the risks and the threats that are flowing across that space?”
Bondi stated NAWAR’s transfer towards programs that run on software-defined networks will assist them higher perceive the dangers and threats they face.
“It’s much more about looking at that software-defined network that has continuous monitoring capabilities and providing the tools back to Fleet Cyber Command and the sailors to be able to observe the environments at the application layer, which means that we have to move more toward a common platform for deploying in the environments that works both connected and disconnected,” she stated. “What we want to do for Fleet Cyber Command is see what tools they need. So we’re going after specific priorities, having those conversations with the various admirals and then just understanding that it’s something that the team is going to be able to use in the fleet. If I think of cyber as a massive multiplayer environment, you’ve got teams of people with different languages in the coalition forming and then going away for certain particular use cases. And you want to have a system in place that is putting cyber in the background for them doing as much as possible to automate it, so that you don’t have to be worried about the cyber instances that are occurring. You need to be able to get the information for the alerting back to people who do know what they’re looking at, so they can use informed intelligence and information to provide the protection for the mission.”
Copyright
© 2026 Federal Information Community. All rights reserved. This web site isn’t meant for customers situated throughout the European Financial Space.
