Sec. 1631. Reorientation of Big Data Platform program
755 words·~3 min read·
/bill/116/s/1790/es/section-1631·A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
Not later than January 1, 2021, the Secretary of Defense shall— reorient the Big Data Platform program as specified in this section; and align the reorientation effort under an existing line of effort of the Cyber Strategy of the Department of Defense. The Secretary shall act through the Principal Cyber Advisor and the supporting Cross Functional Team in the oversight of the implementation of paragraph (1). Not later than January 1, 2021, the Secretary shall establish a common baseline and security classification scheme for the collection, storage, processing, querying, analysis, and accessibility of a common and comprehensive set of metadata from sensors, applications, appliances, products, and systems deployed across the Department of Defense Information Network (DODIN) to enable the discovery, tracking, and remediation of cybersecurity threats.
In carrying out paragraph (1), the Secretary shall— take such actions as the Secretary considers necessary to standardize deployed infrastructure, including the Department of Defense’s perimeter capabilities at the Internet Access Points and the Joint Regional Security Stacks, and the routing of data laterally and vertically from Department of Defense Information Network segments and tiers, to enable standard and comprehensive metadata collection; take such actions as the Secretary considers necessary to standardize deployed cybersecurity applications, products, and sensors and the routing of data laterally and vertically from Department of Defense Information Network segments and tiers, to enable standard and comprehensive metadata collection; develop an enterprise-wide architecture and strategy for— where to place sensors or extract data from network information technology, operational technology, and cybersecurity appliances, applications, products, and systems for cybersecurity purposes; which metadata data records should be universally sent to Big Data Platform instances and which metadata data records, if any, should be locally retained; and expeditiously and efficiently transmitting metadata records to the Big Data Platform instances, including the acquisition and installation of further data bandwidth; determine the appropriate number, organization, and functions of separate Big Data Platform instances, and whether the Big Data Platform instances that are currently managed by Department of Defense components, including the military services, should instead be jointly and regionally organized; determine the appropriate roles of the Defense Information Systems Agency’s Acropolis and United States Cyber Command’s Scarif Big Data Platforms as enterprise-wide real-time cybersecurity situational awareness capabilities, as complements or replacements for component-level Big Data Platform instances; ensure that all Big Data Platform instances are engineered and approved to enable standard access and query capabilities by the Unified Platform, the network defense service providers, and the Cyber Mission Forces, with centrally managed authentication and authorization services; prohibit barriers to information sharing, distributed query, data analysis, and collaboration across Big Data Platform instances, such as incompatible interfaces, interconnection service agreements, and the imposition of accreditation boundaries; transition all Big Data Platform instances to a cloud computing environment in alignment with the cloud strategy of the Chief Information Officer of the Department of Defense; consider whether packet capture databases should continue to be maintained separately from the Big Data Platform instances, managed at the secret level of classification, and treated as malware-infected when the packet data are copies of packets extant in the Department of Defense Information Network; in the case that the Secretary decides to sustain the status quo on packet capture databases, ensure that analysts operating on or from the Unified Platform, the Big Data Platform instances, the network defense services providers, and the Cyber Mission Force units can directly access packets and query the database; and consider whether the Joint Artificial Intelligence Center’s cybersecurity artificial intelligence national mission initiative should include an application for the metadata residing in the Big Data Platform instances.
The Secretary shall ensure that the Unified Platform program utilizes the data and the data indexing schema that is native to the Big Data Platform rather than creating a duplicate index or data tagger. The Secretary shall ensure that the Services and office of the Big Data Platform program— seek advanced analytics and applications from Government and commercial sources that can be executed on the deployed Big Data Platform architecture; and collaborate with vendors offering commercial analytics and applications, including support to refactoring commercial capabilities to the Government platform where industry can still own the intellectual property embedded in the analytics and applications.
Not later than 180 days after the date of the enactment of this Act and not less frequently than once every 180 days thereafter until the activities required by subsection (a)(1) are completed, the Secretary shall provide the congressional defense committees a briefing on the activities of the Secretary in carrying out subsection (b).