The Department of Defense (DoD) unveiled its outside the continental United States (OCONUS) cloud strategy last month, which strives to enable an all-domain advantage for international operations through cloud innovation. Officials from DoD and Rackspace Government Solutions stopped by MeriTalk’s Cloud Café July 15 to talk about OCONUS and the benefits and challenges to cloud modernization.
“The vision for the OCONUS cloud strategy is really about enabling dominant all-domain advantage through cloud innovation and resilience,” DoD Director of Software Modernization Jason Weiss, said at the event. “This means that through cloud computing, all of the joint forces will have greater access to all of the high-tech software-driven solutions that are empowering data-driven decisions and enhancing collaboration across all of the domains, air, land, sea, space, and of course cyberspace.”
Modernizing cloud strategies is a tall task. Lorenzo Winfrey, senior product manager for Rackspace Government Solutions and formerly chief of architecture and standards at the Defense Intelligence Agency (DIA), recalled that he was part of the team responsible for building out the cloud footprint at the DIA, and detailed what it took to get higher-ups on board.
“Change isn’t always easy,” Winfrey said. “And so, it was our team’s job to get in with the mission stakeholders to talk about the value that could be generated, and the efficiencies both from a cost as well as the capability level and talk to them about how modernizing – whether that was lift-and-shifting or fully refactoring capabilities – how that could drive better outcomes for the warfighter.”
Security is one of the pillars of cloud modernization for the DoD, a standard set forth by Acting CIO John Sherman. Weiss noted that incorporating zero trust principles is an essential part of securing the cloud.
“When we talk about sharing information in a protected environment, we are also talking about sharing it with non-users,” Weiss said. “And so, when we think about cybersecurity in this realm, we must incorporate zero trust principles to ensure that as we push that data out.”
“We need to enable the secure sharing of this information and zero trust is going to be a dominant way to pull that off,” Weiss continued. “In fact, the zero trust solutions, really need to focus on these emerging cloud-enabled cyber capabilities. When we think about cyber actors – and they’re going to continue to use both technical and non-technical means to try to defeat our cybersecurity safeguards –they’re after the same data that we’re trying to protect.”
Winfrey said multi-cloud modernization can help contribute to transforming the cyber posture from a defensive one to an offensive one.
“More and more different types of threats start to emerge,” Winfrey said. “[There’s] ransomware, you got these unknown vulnerabilities, you got misconfiguration of cloud services – which I think is a huge thing that any organization, particularly the government, can key in on in terms of education and training with the employees.”
“So often, these tools have the opportunity to provide such tremendous amounts of value,” Winfrey continued. “But there’s an ease in the way that they are procured and deployed that I think sometimes lulls us into a sense of security that is not warranted. We need to have that same level of vigilance with the cloud services even though they’re easier to deploy. They have all these things that make them so simple. We’ve got to realize that we got to maintain that same level of vigilance, if not more when leveraging these services to kind of generate that [offensive] value.”
To hear the rest of Weiss and Winfrey’s conversation, register for MeriTalk’s Cloud Café and watch the session on-demand.