As the Pentagon makes an unprecedented push to the cloud through the Joint Enterprise Defense Infrastructure (JEDI) contract and others, one of its top cybersecurity officials is of the mind that it will leave the military in a better position to protect its most sensitive information.
Some have been hesitant about moving highly secured Department of Defense data off local systems and into commercial cloud solutions, like will be the case for the $10 billion JEDI. But Donald Heckman, principal deputy CIO for cybersecurity at DOD, says it’s really an opportunity to improve DOD’s data management and cyber posture.
“Some people think it’s a challenge. I think it’s an opportunity,” Heckman said Thursday at the Cybersecurity Leadership Forum presented by Forcepoint and produced by CyberScoop and FedScoop. “We’re viewing the movement to the cloud as a force-multiplier and technology that can actually enhance and improve our ability to do our missions across the Department of Defense.”
It will give the department an opportunity to bring together data from different areas of the department and look at security that and the underlying systems from more of an enterprisewide perspective. “If you think about a cloud environment and being able to have a uniform, holistic security architecture and security controls put in place that are leveraged by the various applications, I think that’s a positive thing,” he said.
Historically, DOD hasn’t been the best about integrating disparate data sets, Heckman explained. “We classify data at different levels and we put them in their own silos. And what we found was that wasn’t very successful for mission success. So we had to share that information.” The department had to create what he calls “cross-domain devices to allow very limited information sharing between the various domains and environments.”
“[We] believe that to be more effective in the future, we really need to get down to what are the data protection needs, how do we protect it, who needs to see it, where does it need to be shared, and doing that in a systematic manner,” he said.
Heckman also pointed to the types of advanced technologies that cloud can enable and how they will affect cybersecurity. It allows “us to do better machine learning and artificial intelligence and analytics for cyber sense-making, to help us identify those key anomalies in our environment, and then targeting our cyberdefenders to go look at those anomalies.”
Cloud and those emerging technologies will also boost the department’s abilities to target insider threats, he said. “As we get more and more complex and we get more and more challenged as we introduce new technologies, I think it’s critical that we really look at how you actually instrument the environment, determine what normal behavior looks like and then identify abnormal behavior so that you can actually then take our limited resources and limited set of net defenders and really focus on one of those really hard problems and challenges.”