‘Balance’ Needed in Hybrid Cloud Security, Interoperability
Federal officials from CISA and SOCOM say hybrid cloud cybersecurity needs a holistic approach to be successful.
Hybrid cloud solutions have given federal agencies more flexibility in meeting their mission-specific needs and driving operations at the edge. At GovCIO Media & Research’s CyberScape Summit Thursday, leaders from the military, civilian agencies and industry emphasized the importance of hybrid cloud to cybersecurity and the steps they are taking to keep it secure and operable.
Vincent Sritapan, cyber section chief at Cybersecurity and Infrastructure Security Agency (CISA), said that the push for strong security and interoperability requires balance to drive a positive outcome for the customer experience.
“It’s really important to have things like rights and access management, all those sort of play into security versus interoperability. But what I’d say is that it’s that balance. You want to do both without hindering the customer experience when you deliver a service,” Sritapan said. “If it’s anywhere hybrid, then they shouldn’t know what’s behind the scenes, right? It should just work seamlessly.”
Jim Cosby, public sector and partners CTO at NetApp U.S. Public Sector, said that before data infrastructure can even be built, an agency needs to understand what data it has and then decide how it wants to manage, protect and store that data.
“You really need to assess what you have and then classify what you have, break it down into what’s sensitive, what’s [unclassified], what’s highly sensitive — then you can start to design the location of that data. Is it better to exist on premise? Is it safe or better to put that in cloud? Then you can set the secure security credentials around that data as well,” Cosby said.
Cosby emphasized that “intelligence” on the data that is being managed is essential to multi-domain operations. Whether the data is on premise or in the cloud, Cosby said it needs to be accessible everywhere, from “a core data center, an HQ, a garrison, a tarmac. You want that same technology to be at edge sites if you can. You want it in ships, submarine aircraft. Something in the size of a Coke can and a backpack on a class-ruggedized server.”
U.S. Special Operations Command (SOCOM) CTO Mark Taylor said the greater challenge for the service comes from maintaining legacy systems alongside new technologies.
“The challenge that we face and the challenge that we work to overcome is the fact of having two different ways of doing business. If you try to build the future while trying to maintain and keep the old at the same time, you’re doing two things probably sub-optimally versus doing one thing well,” Taylor said.
Taylor added that the solution lies in approaching the cloud in a holistic way, thus making sure that the way things are done in the cloud is the same way things are done on premise with the same security standards and capabilities.
When it comes to information sharing between government and industry, Sritapan said that knowledge of agency operations is key to getting organizations in cooperation with each other.
“The key thing starts with information sharing; understanding what is available, what you have, what your requirements are. Notably, what we do within the federal civilian space or DOD probably is not unique,” Sritapan said. “Understanding what we have, what our strengths are and what we can share across the board is unique. It’s something that, honestly, isn’t done too much.”
This is a carousel with manually rotating slides. Use Next and Previous buttons to navigate or jump to a slide with the slide dots
-
Biden Signs New Tech Executive Orders Before Departing Office
Joe Biden signed two new executive orders this week promoting future cyber and AI priorities before Donald Trump takes office Monday.
5m read -
DODIN Strategy Aims to Outpace Cyber Threats
JFHQ-DODIN Commander Lt. Gen. Paul Stanton says the new "How We Prevail" plan moves from reactive defense to proactive threat mitigation.
4m read -
Preparing for the Future Cyber Landscape
CISA, CFPB and Rubrik discuss how they’re building cybersecurity best practices and developing their workforces to prepare for the future threat landscape and bolster cyber resilience.
30m watch -
Air Force Chief: Modernization Is Critical to Maintaining Superiority
Air Force Secretary Frank Kendall cites AI, automation and cyber resilience as key modernization components to outpace China by 2050.
3m read