TRON and Transition

How a military unit uses cloud-based web isolation to "Transfer Risk Off N(on-classified Internet Protocol Router Network)"

As those of us who have served in the military for a significant period of time can attest, we begin to take certain things for granted. The sense of belonging, the pride of being part of something much bigger than ourselves, and the ability to impact the lives of many were among my greatest gratifications as a military officer.

As I navigated my transition after 27 years of service, the potential of feeling a void in any of those areas was not acceptable. Fortunately, I was able to find a team that allows me to experience a similar sense of fulfillment and gratification. Two short years ago, I was serving as Commanding Officer of a team that remains customers of the team of which I am now a part. The path from customer to Authentic8er was not foreseen but it makes perfect sense now that I am here.

We stumbled across Authentic8’s Silo platform in 2016 when we decided we wanted to take a leadership role in realizing the Department of Defense’s (DoD) vision of “operating our network as a weapons system.”

As one of the DoD’s Cyber Security Service Providers (CSSP), we wanted those words to be true. At the same time, we knew a network that was used to access social media and personal webmail was not consistent with it being a weapons system.

Instead, it was a morale network that also happened to host personally identifiable information, private health information, operational plans and details, contracts and acquisitions data, and blueprints for real weapons systems. Our desire to provide teammates with the access to non-mission essential sites via a more responsible model, while using our network infrastructure only to conduct mission essential operations inspired what we fondly referred to as the TRON Initiative, Transfer Risk Off NIPRnet (Non-classified Internet Protocol Router Network, or our unclassified network).

After considering a variety of potential solutions it became apparent that there was only one platform capable of true isolation that could scale across the enterprise to the level we envisioned. Authentic8’s Silo platform became the foundation of TRON.

Our hope was that we would scale Authentic8 across the DoD so that all CSSPs might be less distracted by the unnecessary risk our teammates were assuming by accessing non-mission essential sites with their commercial browser. Though we couldn’t control that outcome, we certainly could serve as the example for how an organization might more responsibly leverage the collaborative power of the internet while maintaining appropriate control over how our network was being used.

Three years after commencing TRON many things have changed, and a few have stayed the same. On the change side, I have transitioned from Authentic8 customer to Authentic8er, the Silo customer base is continuing to grow, the number of organizations acknowledging the faults of commercial browsers has increased, and the desire for leaders to more responsibly provide their teams access to productivity tools, while restoring trust and managing attribution has never been higher.

With respect to things that haven’t changed, that sense of gratification persists, many organizations remain in the dark about how their browser is betraying them, and the DoD continues to make progress toward delivering on the proclamation that the network is being operated as a weapons system.  

The biggest thing that hasn’t changed is the commitment I share with my long-time colleagues who remain in the Department and my new partners at Authentic8. We continue our shared quest to help teammates across the public and private sectors transfer risk off (their) network while enhancing productivity, restoring trust, and managing attribution.

It is not about operating our network as a weapons system. It is about enabling others to deliver outcomes. And it most definitely is about ensuring we as cybersecurity professionals live up to our responsibilities. Whether Authentic8er or customer - we are in this together, and I couldn’t be more excited about helping the world I just left leverage the capability and possibilities being created by the world I am now firmly immersed in.