SouthCom to Assess Thunderdome, Advance CJADC2

U.S. Southern Command will partner with the Defense Information Systems Agency early in 2024 to evaluate whether Thunderdome, the agency’s zero-trust network architecture program, is a viable option for the command to protect its networks.

“If you think about the SouthCom [area of responsibility], mission partner environment, every country that we work with has different capabilities, so we have to use a solution that has a low floor,” Col. Anne-Marie Wiersgalla, communications director at SouthCom, told GovCIO Media & Research at the annual AUSA conference Oct. 10 in Washington, D.C. “When I say low floor, if I’m talking about a country that doesn’t have network infrastructure, they don’t have talented folks, they might not be cyber secure — What are the lowest minimal standards that I can apply to my mission partners, and how do I scale it up based on ability?”

DISA’s Thunderdome program released earlier this year led to a $1.86 billion contract with Booz Allen Hamilton to transition the program from prototype to production. The prototype was initially scheduled to be completed last year, but shifted its timeline after the war in Ukraine highlighted the need for the Defense Department to develop a cybersecurity solution for DOD’s classified network, SIPRNet.

Enabling Secure Collaboration

The command has also finished phase one of its Wickr RAM pilots, which allows personnel to share encrypted communications across networks and various devices even in the controlled unclassified level.

“Initial feedback has been great. I can put this application on my NIPRNet computer. I can put it on my personal cell phone. I can be at my desk in my office in a secure space, and I can message a mission partner on their cell phone down in Latin America or in Central America and have a level of trust that that information is secure up to a CUI level,” said Wiersgalla.

Dealing with transnational criminal organizations is only part of the challenge for the command. Maj. Gen. Dusty Shultz, the command’s intelligence director, said criminal organizations are involved in $300 billion worth of industry in the region, but that only $100 billion comes from narcotics trafficking. The other $200 billion is attributed to unregulated fishing, harvesting of minerals and deforestation of partner nations. Many of these activities are linked to China, which is expanding its influence in Latin America by controlling critical minerals, leveraging economic ties and building space facilities.

Twenty-two of 31 nations within the area signed up for the “Belt and Road Initiative,” China’s landmark plan to bring infrastructure to countries around the globe. Critics see the strategy as China’s way to spread its economic influence.

An Eye to CJADC2

Every year, SouthCom conducts a series of eight exercises to maintain its security expertise. Service leaders are looking to layer innovation and technology to the ongoing exercises to build multi-domain awareness in the region. Wiersgalla said that CJADC2 will be foundational to achieving that goal.

In the past when sharing information, the command developed “walled gardens,” or environments that control user access to network-based content and services, Wiersgalla said. Considering the wide variety of missions in the region, this created a challenging environment in which to operate.

For example, when the command has a migration mission set, they would not share the information with their partners responding to a counter-narcotics mission.

“If we develop a network based on an identity management attribute or role-based using data as the centric solution instead of the network, I know who’s on that network based on their identity or their role, they have access to that information. I can have it in that network in Miami or in Colombia or in Costa Rica … and I can scale it. It can be large, it can be small, just based on that community of interest,” said Wiersgalla.

“Zero trust, data centricity, mission partner environments, interoperability and defensibility. Those are all foundational concepts of CJADC2 to execute globally integrated operations around the world,” Wiersgalla added.