Published in late 2020, the DoD Data Strategy emphasizes the importance of unlocking and operationalizing data-value from across its enterprise to support mission operations and maintain battlefield advantage. The strategy highlights seven goals and objectives that the DoD believes will align the DoD's Data Strategy with industry best practices.
In part one of this series, "Understanding the DoD’s Data Strategy: Part 1," we examined three of the Data Strategy’s goals and objectives, including making data visible, accessible, and understandable. In part two, we'll examine the four other key objectives of the Data Strategy, including data linkages, data trustworthiness, interoperability, and security.
Data linkage brings together data from different sources to create a new, more holistic and richer dataset for the consumer. Multiple types of data from a variety of sources are combined and presented to provide additional operational and mission context. In the context of the DoD, robust and dynamic data linkages enable advanced joint-all-domain battlefield management and situational awareness (e.g., JADC2, Overwatch, etc.).
Traditionally, operational data linkages have required Operators to combine heterogeneous data sources or information silos with common formatting or warehousing platforms using tightly coupled architectures into a single query-able repository. This approach restricts or limits operational data-value because it requires data to be structured during the data load time with a predefined schema. If the data does not conform to the predefined schema, it is rejected, and no data-value can be attained. This limitation will significantly reduce the variety of data sources that can be linked and will dramatically reduce its ability to present information in real-time.
Alternatively, technologies exist which overcome the data-value limitations associated with structured data silos and predefined schemas. Technology that enables data linkages between disparate data sources and feeds, with no requirement for pre-structuring data or schemas, provides significantly more data-value at the mission and enterprise levels. The ability to access and understand data from ground-based, ship-based, air-based, and space-based assets enables decision-makers to accelerate real-time data driven decision-making.
Ensuring trust is essential to successfully building and maintaining a data-centric enterprise. For example, data is everything to a pilot operating a tactical aircraft. Performance data, maintenance data, in-flight data, and on-target data all act as fuel to support not only the immediate AOR of the pilot but also broader AO command and control centers. This data must be trustworthy at both the tactical level and the strategic level so that decision-makers are able to make informed strategic decisions in real-time.
Current industry trends include using the latest innovations in Machine Learning (ML), mining greater and greater volumes of data, to accelerate informed decision-making. There is now more data available than ever. But while this boom in information is absolutely an example of positive progress, it makes data security and reliability more crucial than ever.
Supporting this trend are at least 5 best practices:
Data interoperability addresses the ability of systems and services that create, exchange and consume data to have clear, shared expectations for the contents, context and meaning of that data. As the Data Strategy states:
“Properly exchanging data between systems and maintaining semantic understanding are critical for successful decision-making and joint military operations.”
The DoD has data challenges like no other organization. Sensors and information technologies are diverse and deployed globally. The machine data culled from those systems comes in all different shapes and sizes. Having a flexible platform capable of ingesting data from disparate systems and sources will help aggregate silos of data across AOs and bring context and visibility to solve all types of problems across mission operations.
One continuing trend for data management and interoperability is to ensure that any given software package can be fully integrated across multiple data platforms. Typically this integration is done at the API level and ensures that point solutions are able to interoperate with standards-based, predominant data analytics platforms. For instance, Splunk integrates with more than 3,000 software and hardware vendors – ensuring that unstructured data streams can be captured and utilized to support mission operations. In practical terms, it means being able to capture data from highly advanced sensors in the ships, planes, tanks, and Humvees on the front lines, sending critical, real-time information back to headquarters, then deploying state-of-the-art AI and machine learning tools to analyze multiple points of data and quickly arrive at an optimal solution.
Cybersecurity is a broad concept that pivots on the concept of secure data. Data security is essential to exercising all aspects of the DoD Data Strategy and is essential for mission operations, operational continuity, and all C4 efforts. Enabling secure utilization and sharing of data while at rest, in motion, and in use (within applications, with analytics, etc.) is a minimum barrier to entry for any data-centric enterprise.
A recent trend in data security across the U.S. Government has been the adoption of Zero Trust strategies. Modern networks and systems are becoming increasingly complex and it’s difficult to manage and monitor enterprise data to reduce threats and secure systems. Traditional approaches to network security cannot keep up with the increasing volume, variety, and velocity of data, much less provide the ability to easily and rapidly segment, isolate, and protect the network as it evolves. Newer technologies provide a pragmatic way to manage risk across the network and turn secure data into meaningful mission outcomes across the organization. Using an analytics-driven approach to security, these technologies enable optimized monitoring, prioritization, response, containment, and remediation processes by analyzing all cloud, on-premises, and hybrid machine data to understand the impact of patterns, alerts, or incidents. Zero trust is driving an industry shift, delivering the innovation required to power a new generation of security operations.
Splunk is uniquely positioned to address Zero Trust challenges to modernize the SOC and to better detect, respond, and most importantly, adapt at machine speed. This is only possible with a robust data security approach that turns the SOC into a security nerve center. With Splunk as the nerve center, an enterprise can optimize people, processes, and technology. Security teams can leverage statistical, visual, behavioral, and exploratory analytics to drive insights, decisions, and actions. Organizations can use all data from the security technology stack to investigate, monitor, analyze and take rapid, coordinated action in a manual, semi-automated, or automated fashion across the entire organization.
Organizations cannot combat threats that are not visible, known, or understood. Data is the oxygen that gives life to a Security Operations Center (SOC). Analytics and algorithms breathe it, but of equal importance is the ability to ingest data from any source, structured or unstructured, regardless of volume. Splunk offers a Data-to-Everything platform that helps organizations connect disparate technologies, along with their data, insights, and actions, allowing these technologies to share and gain content and to leverage analytical, machine learning, and automation capabilities. This ultimately helps an organization make better, faster, and more effective decisions across security, IT operations, and every other part of the enterprise and take precise action to defend global networks and mission operations.
Earlier this year, Splunk was designated as a core enterprise technology partner by the DoD (DoD Directive 8470.01E) and has since established a Core Enterprise Technology Agreement (CETA) with the DoD CIO office and the Enterprise Software Initiative (ESI). Splunk is a leading U.S.-based manufacturer of cybersecurity software and data analytics platform solutions and has been widely deployed across the DoD and the U.S. Government. Splunk is also widely utilized by the commercial sector, and we have significant experience helping organizations design, implement, and operate enterprise-wide mission operations and data analytics solutions. Our solutions can be delivered on-premises, in the cloud, or in a hybrid or multi-cloud environment. It is important to note that Splunk delivers the solutions and services described in this document via business partners and system integrators, with whom we work closely to deliver solutions to our customers.
----------------------------------------------------
Thanks!
Jeff Keas