Department of Defense information technology (IT) officials are urging senior leadership to prioritize acquisition efforts needed to speed up the integration of network automation capabilities and the migration of critical applications to the cloud.
Panelists at a Defense Systems summit on Nov. 14 called on DoD and its industry partners to re-focus the cloud computing conversation on data protection and increase engagement on machine learning solutions to cut down the burden on department analysts.
“We’re finding some of our existing tools don’t work so well in the cloud. When you look the cloud and, all of a sudden, you have this horizontal scalability with the cloud native apps, a lot of the security and malware tools don’t work so well. They’re not horizontally-aware,” said Robert Vietmeyer, the cloud computing lead for the DoD’ Office of the Chief Information Officer.
DoD is responsible for ensuring the data security of its applications hosted on commercial cloud solutions, but hopes industry can present solutions that address protection gaps.
“We’re pushing the commercial cloud providers really hard for them to natively field gaps also,” said John Hale, chief of the Defense Information Systems Agency’s (DISA) cloud portfolio office. “I think you’ll see commercial cloud providers start to meet more and more DoD policies over the next couple of years”
DISA is pushing its mission partners to prioritize applications that will maximize data security on the cloud and to consider advising shutting down those that may not.
Migration of certain applications can take up to 8 months, but DISA is working to get that down to days, according to Hale.
“The benefits of moving to a more cloud-based agile model, more mobile-friendly multi-level security model is simply something our workforce is going to expect within the next year or two,” said Hale.
Vietmeyer would like to see DoD leadership push the cloud computing conversation from network boundary protection to data protection.
“We can do whitelisting, basic firewalls and intrusion detection, but the attacks aren’t coming through those channels anymore,” said Vietmeyer, who wishes to see directives to move away from a sole focus on trusted internet connections.
Senior IT leadership is also pushing for greater conversation with industry on automation solutions to remove some of the burden on department analysts and increase the data resiliency of critical systems.
“There’s a million examples out there of work right now that when you really look at how we’re doing it, we’re spending a lot of people energy into it even when automation is there,” said Leonel Garciga, Joint Improvised Threat Defeat Agency (JIDA) J6 Chief and Chief Information Officer (CIO), on a separate panel.
The DoD workforce is willing to embrace machine learning capabilities, which aims to cut down data analytic operations from 20 or more hours to a matter of seconds, according to Garciga.
However, Garciga believes the automation directive must be pushed by leadership with greater industry involvement, especially those developing capabilities in Silicon Valley.
“Tell me how your capability is going to enable threat factors I have on my network to lessen and how you’re going to get my requirements inside of your pipeline for development,” said Garciga, detailing the conversations he has with industry in Silicon Valley.
Both panels detailed the urgency of capabilities needed for continued modernization of the DoD Information Network (DoDIN) to meet growing cyber threats in a more effective manner
“The process of actually delivering capabilities onto the DoDIN, there’s still a lot of things we do now that are really manually intensive, even where there’s commercial capabilities that helps us facilitate pushing those capabilities in a safe way onto the network,” said Garciga.