- Multi-year “Comply to Connect” (C2C) program delivers enterprise-wide capabilities to secure DoD networks
- Forescout provides foundational cybersecurity capabilities for C2C, and has been implemented by the Navy and U.S. Marine Corps, the pathfinders for C2C
SAN JOSE, Calif., Sept. 01, 2020 (GLOBE NEWSWIRE) -- Forescout Technologies, Inc., the leader in Enterprise of Things security, today announced it was selected by the U.S. Department of Defense (DoD) to expand cybersecurity across its global enterprise as the initial phase of a multi-million dollar contract award through 2020. The Defense Information Systems Agency (DISA) chose Forescout’s technology as the foundation of the DoD’s “Comply to Connect” (C2C) initiative, a security framework to provide the highest level of assurance for authentication, authorization, compliance assessment and automated remediation of devices connecting to the DoD information network (DoDIN). The multi-year C2C program will impact all branches of the U.S. Armed Forces, as well as other DoD Agencies and Centers.
“The opportunity to power this high-profile, comprehensive federal cybersecurity program is a huge validation of our team and technology. We are proud and excited to be at the core of helping the DoD to transition to complete visibility and continuous monitoring of its many large and complex networks and millions of devices,” said Michael DeCesare, chief executive officer, Forescout. “The U.S. military has a truly unique environment comprised of traditional information technology (IT) systems as well as embedded IT in mission systems. The DoD needed a platform that would allow it to continuously identify and mitigate cyber risk within these disparate systems to assure mission readiness across the force.”
The DoD determined Forescout’s platform to be most effective at agentless, real-time discovery and classification of every IP-connected device in its office, facility and tactical environments. Forescout has supported the C2C program from its pilot and early adopter phases at DoD enterprises including DISA, the Marine Corps, the Navy’s Next Generation Enterprise Network (NGEN), and Army Medical Command (MEDCOM). These first C2C pilots have also proven efficiencies in their administration workflows through Forescout’s policy-based orchestration with existing security and management tools – a feature that is planned for implementation across the enterprise now that the program is under centralized management.
C2C is one of the largest government cybersecurity initiatives in the world that ensures trusted, authorized devices are rigorously inspected for malicious code, prohibited software, noncompliance and other risks. A major difference between C2C and previous security programs is that C2C is applicable to non-traditional operational technology (OT), commercial smart devices, and embedded control systems that DoD and other agencies increasingly rely on to fulfill their missions, but which cannot host aftermarket security software. This wider array of mission-critical systems defined by U.S. Cyber Command and protected by Forescout includes Internet of Things (IoT) devices and Platform Information Technology (PIT) such as industrial control systems (ICS), weapons systems, autonomous vehicles, and medical gear.
The program is now open for all DoD units and paves the way for continued C2C growth across the DoD enterprise. Forescout licenses are centrally procured and managed by DISA’s C2C Program Management Office (PMO) on defense agencies’ behalf and are provided to these agencies until all licenses are utilized and C2C expands into additional phases.