Darron Makrokanis didn’t seek his career path out—duty came calling to his doorstep. Makrokanis began in law enforcement in the Washington, D.C. region, assigned to federal task forces as well as handling investigative operations. Makrokanis’ trajectory took a turn after the September 11th attacks, when he was recruited by a subcontractor for Booz Allen Hamilton, who ultimately brought him on board.
Furthering his dedication to upholding national security objectives, Makrokanis joined the U.S. Navy during his nearly half-decade stint at Booz Allen. At the service branch, he served as a direct commission intelligence officer supporting expeditionary warfare and special warfare teams. Subsequently, Makrokanis worked primarily with public sector clients at companies like Splunk, Druva, D2iQ and Tenable, where he was vice president and general manager of sales for federal and systems integrators.
The executive came to cybersecurity software company Xage Security in 2022 as its chief revenue officer. In this role, he spearheads the organization’s entire international go-to-market strategy, planning and execution, as well as the full spectrum of sales and business development. Given his background in government and the military, Makrokanis inherently understands mission requirements and how they’re built, as well as what incentivizes systems integrators and what end users are looking for.
In this Executive Spotlight interview, Makrokanis shared thoughts on how certification requirements may be preventing efficient cybersecurity practice adoption; the crucial nature of distributed ledger technology in the future of the field; and how to best shrink the attack surface.
Do you think the United States’ cybersecurity efforts are keeping up with demand? If not, how can we accelerate and broaden cybersecurity?
The U.S. can optimize how it achieves cybersecurity goals by reducing friction and accelerating adoption of new cybersecurity technologies. This will require a new mindset around engaging with small businesses, as small startups are producing some of the most innovative and effective cybersecurity solutions. I think innovative cybersecurity companies take way too long into their maturation to be adopted. And I have come across requirements like the Department of Defense’s Cybersecurity Maturity Model Certification that could, if structured correctly, assist even more in rapid adoption efforts. It would be great to see some flexibility with DOD CMMC requirements so that software vendors can accelerate adoption of innovative technologies for critical infrastructure protection.
There needs to be a clearer line of sight for startups to reach the finish line and to also accelerate through the Small Business Innovation Research program. When you go from a phase two to a phase three, authority to operate needs to be incorporated and that will help get these innovative technologies not only visible sooner, but also hopefully adopted much sooner, so that the DOD and other Federal agencies can tap into the benefits of new cybersecurity technologies to support the mission. It shouldn’t take multiple years to go from phase one to three and through a full acquisition process each time that delays efforts by a half year or more. If we truly want to move with purpose, both the acquisition process and the assessment process need to be sped up significantly.
The White House has given government agencies until 2024 to establish and implement a zero trust plan. What are some of the key barriers that agencies will be dealing with as they come up with these plans, and what’s your take on the path forward?
When they try to implement plans like this, the government has to take into consideration not only the technologies that are out there now, but also what’s been out there. In a lot of these places, there are legacy technologies like Internet of Things systems that just don’t support a zero trust requirement like multifactor authentication or Just-in-Time, Just Enough privilege and access requirements. To implement a zero trust plan, government agencies will need to figure out how to bring legacy systems up to modern standards. There are technology companies out there that exist to specifically address these gaps in a vendor agnostic and network independent way that allows existing legacy systems to conform to the zero trust mandates, while allowing agencies to continue moving toward their digital modernization goal and implementing zero trust.
Another key barrier is the lack of cybersecurity resources in general. Specifically with zero trust, a lack of understanding and knowledge makes tackling zero trust implementation much more challenging. As a whole, if you don’t have the core education or understanding about zero trust principles, implementation is going to be tough.
We’ve heard for many years through company CEOs and pundits on the news that cybersecurity talent is in short supply. We have to continue to prioritize cybersecurity education beginning in grade school and all the way up through high school and continuing education in college, making it easier for our next generation cybersecurity workforce to get the relevant certifications & skillset they need.
The cybersecurity vendor community also introduces challenges in implementing zero trust. There are so many different vendors coming out with point solutions that require customers to re-architect their environments in complex ways that lead to an extremely large attack surface. Cybersecurity vendors need to move to an interoperable platform approach, to simplify and automate that complexity away and thereby shrink your attack surface.
At the same time, we need to address the gap that we have in cybersecurity beyond information technology systems. All of those aforementioned things combined will help organizations lessen their cybersecurity risk profile but it is important to incorporate non-IT systems such as operational technology into the overall cybersecurity requirements.
Government mandates exist for OT and operational networks, but they reference practices that are decades old. The government needs to understand—and I think they are starting to understand—that IT and OT are converging and that digital transformation is happening. Emerging cyber solutions that can be deployed in these OT environments now using zero trust principles offer a much, much stronger security profile than was previously available.
The next evolution of the DOD Zero Trust Strategy & Roadmap should extend into operational or non-traditional IT systems. OT systems underpin the mission from facilities and logistics depots, weapon systems, reconnaissance and situational awareness, ships and other warfighting equipment across land, sea and air, as well as launch and space-based systems that contain cyber-physical assets or mission sensors. While not traditional IT systems, these systems and operations are critical to warfighter and mission success and increasingly require services that span across cloud, IT and operational environments. The rigor of zero trust approaches is needed end-to-end to prevent adversaries finding and compromising points of cyber weakness.
Where are you seeing the most exciting opportunities to deliver better capabilities to our warfighters today, and how are you harnessing these opportunities?
Securing technology at the tactical edge and cross domain data-sharing are two of the most important opportunities for cybersecurity writ large. These capabilities are crucial to remove friction and enable our warfighters to achieve mission success. Focusing on decentralized and disconnected data sharing and access policy enforcement is often not written into the requirements that we’ve seen, but is an area that needs to be given a lot more attention.
This presents an opportunity for us at Xage to provide a differentiated capability to our warfighter. We provide a resilient solution that can deploy into contested theaters, and can enforce identity-based access policy even in situations with denied, disrupted, intermittent and limited connectivity. Ensuring the integrity and availability of the data our warfighters use to make decisions in the modern battlefield is of utmost importance. And I think that is ultimately where we see a great opportunity: at the tactical edge and the cross-domain places where they intersect.
We are also seeing opportunities to consolidate the number of cybersecurity tools via a platform approach and optimize the protection measures. There are many separate tools for identity and access management, privileged access management, credential management, multi-factor authentication and other security needs, instead of a comprehensive approach to these use cases. As a result, you have these really complex architectures with the continued expansion of these attack surfaces, and the costs become very significant to apply and maintain these networks over the last decade. As a result, cybersecurity costs have skyrocketed over the years. Xage’s capabilities allow for consolidation of these use cases into a single platform to reduce complexity and cost, and at the same time reduce the attack surface.
Which emerging technologies do you anticipate will have the greatest impact on the federal landscape in the next few years?
Definitely distributed ledger. Many people use the word blockchain, but I think that’s a widely misunderstood term. People hear “blockchain” and they immediately think of cryptocurrency. That’s not what I’m suggesting—I think distributed ledger technologies will ultimately provide many advantages over legacy approaches to distributed security policy enforcement. It’s extremely well suited to handle diverse ecosystems across various DOD domains. It provides resiliency to air, sea, land, space and terrestrial assets that are often disconnected when they go on different missions. Furthermore, it can provide a tamper-resistant and continuous trust attestation, which ultimately is required by the DOD zero trust execution roadmap that was published last year, so it complements the DOD zero trust roadmap perfectly.
This is ultimately a next generation cybersecurity approach that ensures that there is no single point of failure and there is no compromise. The distributed ledger enables a highly resilient, highly available cybersecurity mesh architecture that removes singular points of failure or attacks. It ensures that a single intrusion does not have a broader mission impact.
The way to think about it is that a traditional cybersecurity solution that relies on continuous connectivity to a central policy database can be completely neutralized if it becomes disconnected, accidentally or through adversarial action. A cybersecurity mesh that leverages a distributed ledger can enforce policy locally at the edge even if connection to other sites or nodes is lost. Cybersecurity applications leveraging a distributed ledger-type technology, when implemented correctly, will definitely have advantages over traditional applications that are dependent on access to a central site (or cloud resources).
Distributed ledger has a much more modern, hardened and resilient approach to it. A distributed application can also deliver services close to the warfighter, with higher availability, greater resiliency, and no single point of failure.
Going a bit deeper, there are programs out there like Joint All Domain Command and Control and the Advanced Battle Management System, that are going to require different cybersecurity mindsets and drive adoption of next generation applications. Networks and data across the DOD and partner agencies are heavily siloed, which can introduce friction into mission operations. The next generation of cyber solutions will need the ability to span disparate networks and systems that are architected to deliver services in a federated way. Access controls and edge data protection are going to be very critical as we continue to move forward.
In summary, my contention is that distributed enforcement mechanisms and new approaches to secure cross domain data sharing will be critically essential to realizing the success of programs like JADC2 and ABMS.