The Defense Department is investigating the effect of cybersecurity on user experience and how it can better harmonize the two.
As part of the Defense Information Systems Agency’s ongoing performance objective management (POM) process that helps inform the forthcoming budget cycle, the agency is conducting a study on user experience and cybersecurity, Lt. Gen. Robert Skinner, the head of DISA, said Thursday at the Government Identify Security Virtual Summit.
“Between those two efforts, we’re really trying to focus on how do we make it better so individuals have the right access to the right data at the right time and the right ease, while also maintaining the right level of security,” Skinner said. “And that’s the kind of harmonization that we’re working through right now.”
The study comes as many have decried the DOD’s basic desktop computing capabilities that leave some personnel unable to perform their basic job functions in a timely manner. Earlier this year, a chorus of service members and civilian personnel took to social media demanding that the department “Fix our Computers,” which caught the attention of top DOD and service IT officials.
Skinner said this harmonization of cybersecurity and user experience is a top line of effort for his agency.
“You have to have those in harmony. Because at the end of the day, you got to make sure that your data is secure. But you also can’t have it so secure to where nobody can get into it. Because … a user will usually find a way to get to the data. And usually, if it’s not through the normal system and process, then it’s probably the wrong way of doing it. And you can open yourself up to potential exploitation,” he said.
The Air Force, Skinner said, has been a leader in this arena, and he hopes DISA’s study will help take it in a similar direction.
Skinner said there is a variety of things that go into good user experience, and the aim of the study is to explore that.
“A person could be at home, and one day, the access to their data and the application and systems that they need to, it’s screaming, and it’s great,” he said. “The next day, they can have problems. And it can be anywhere from their endpoint and the device that they’re leveraging all the way through even the commercial internet, all the way back to the applications. And so it’s… how do we find out what’s the traffic flow? How does the data flow? That to me is where you get at the true understanding of where the user experience falls short.”