IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Pentagon pauses $2 billion cyber security project

Security system not ready for classified networks says watchdog

The Pentagon

The US Department of Defense (DoD) has reportedly frozen a $2 billion cyber security project designed to consolidate local network security following poor test results.

The DoD hit pause on the system, called the Joint Regional Security Stacks (JRSS), after a report from its director of operational test and evaluation Robert Behler, said Bloomberg.

The JRSS project is a partnership between the Army, Air Force, and Navy to consolidate their networking in secure hubs. Each stack is a suite of equipment serving multiple military bases in a single region handling firewalls, intrusion prevention systems, and other security operations over MPLS networks. The JRSS project also virtualizes network routing and upgrades the military's security from around 1,000 local security stacks worldwide to 50 across 11 JRSS sites in the US and five elsewhere, standardizing security operations.

The DoD began running traffic across JRSS installations as far back as 2014 and was supposed to have fully migrated to JRSS by the end of 2019, but problems have dogged the system.

According to Bloomberg, Behler's latest evaluation states the system is “unable to help network defenders protect DoD component networks against operationally realistic cyber attacks.”

Previous reports from the DoD's director of operational test and evaluation explained the system was inadequate, using the same wording. Behler warned in 2019 that "Despite its complexity, the DOD has treated JRSS as a “technology refresh” and has not funded the personnel and training typically associated with DoD acquisition programs of record." 

Related Resource

Channel Pro Insight: A fast guide to central network management

How to stay connected and secure with central network management

A fast guide to central network management - whitepaperDownload now

That report, which also detailed a red team attack organized to test system security, advised the DoD to stop migrating new users to the system until it was operationally secure.

According to Bloomberg, the decision to pause the system follows a classified February 2020 report that also highlighted inadequate cyber security. As a result, Behler's latest report said that the Pentagon would reduce funding for the project next year, effectively pausing the expansion of the JRSS into classified networks until 2023.

The report also suggested the Pentagon continue developing alternatives to the JRSS.

In a 2019 report, the US Government Accountability Office (GAO) warned the DoD had not fully completed several key initiatives to improve its cyber security hygiene, including cyber education and training, removing vulnerabilities from its networks, and integrating cyber security into its exercises.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

NOAA unveils two new supercomputers in effort to better predict extreme weather
high-performance computing (HPC)

NOAA unveils two new supercomputers in effort to better predict extreme weather

29 Jun 2022
Google aims to court US public sector with new division
public sector

Google aims to court US public sector with new division

29 Jun 2022
Costa Rica declares state of emergency following Conti ransomware attack
ransomware

Costa Rica declares state of emergency following Conti ransomware attack

10 May 2022
LinkedIn to pay $1.8 million to employees after settling gender discrimination charges
Careers & training

LinkedIn to pay $1.8 million to employees after settling gender discrimination charges

4 May 2022

Most Popular

Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022
Macmillan Publishers hit by apparent cyber attack as systems are forced offline
Security

Macmillan Publishers hit by apparent cyber attack as systems are forced offline

30 Jun 2022
FCC commissioner urges Apple and Google to remove TikTok from app stores
data protection

FCC commissioner urges Apple and Google to remove TikTok from app stores

29 Jun 2022