Forescout wins DoD contract to protect network devices
Forescout Technologies, Inc of San Jose, CA announced on September 1 it was selected by the U.S. Department of Defense (DoD) to expand cybersecurity across its global enterprise as the initial phase of a multi-million dollar contract award through 2020. The Defense Information Systems Agency (DISA) chose Forescout’s technology as the foundation of the DoD’s “Comply to Connect” (C2C) initiative, a security framework to provide the highest level of assurance for authentication, authorization, compliance assessment and automated remediation of devices connecting to the DoD information network (DoDIN). The multi-year C2C program will impact all branches of the U.S. Armed Forces, as well as other DoD Agencies and Centers.
“The opportunity to power this high-profile, comprehensive federal cybersecurity program is a huge validation of our team and technology. We are proud and excited to be at the core of helping the DoD to transition to complete visibility and continuous monitoring of its many large and complex networks and millions of devices,” said Michael DeCesare, chief executive officer, Forescout. “The U.S. military has a truly unique environment comprised of traditional information technology (IT) systems as well as embedded IT in mission systems. The DoD needed a platform that would allow it to continuously identify and mitigate cyber risk within these disparate systems to assure mission readiness across the force.”
The DoD determined Forescout’s platform to be most effective at agentless, real-time discovery and classification of every IP-connected device in its office, facility and tactical environments. Forescout has supported the C2C program from its pilot and early adopter phases at DoD enterprises including DISA, the Marine Corps, the Navy’s Next Generation Enterprise Network (NGEN), and Army Medical Command (MEDCOM). These first C2C pilots have also proven efficiencies in their administration workflows through Forescout’s policy-based orchestration with existing security and management tools – a feature that is planned for implementation across the enterprise now that the program is under centralized management.
C2C is one of the largest government cybersecurity initiatives in the world that ensures trusted, authorized devices are rigorously inspected for malicious code, prohibited software, noncompliance and other risks. A major difference between C2C and previous security programs is that C2C is applicable to non-traditional operational technology (OT), commercial smart devices, and embedded control systems that DoD and other agencies increasingly rely on to fulfill their missions, but which cannot host aftermarket security software. This wider array of mission-critical systems defined by U.S. Cyber Command and protected by Forescout includes Internet of Things (IoT) devices and Platform Information Technology (PIT) such as industrial control systems (ICS), weapons systems, autonomous vehicles, and medical gear.