Cloud could provide cybersecurity boost to intelligence, defense

Virtualization one key to defending critical networks: CyberCom/NSA head

The intelligence community and Defense Department are increasingly looking to virtualization and the cloud to secure the networks critical to national security, according to the commander of U.S. Cyber Command and director of the National Security Agency.

“When you think about changing that paradigm, one of the things that comes up when I talked to our folks when I asked them what would make us the most difficult target…the answer was going virtual, going to cloud technology,” Army Gen. Keith Alexander said Oct.17 at the GEOINT Symposium in San Antonio.

He said NSA has partnered with the National Geospatial Agency, the National Reconnaissance Office and the Defense Intelligence Agency – a team he referred to as ‘the quad’ – to determine how to actively defend the networks those agencies rely on.

“Not only is it more defensible, but there are some more benefits to it. It’s cheaper. The technology now is at the point where it’s faster. And it supports our mobile forces. When you think about it there are some tremendous reasons to go to the cloud,” Alexander said.

However, he acknowledged it’s a massive undertaking given the huge numbers of moving parts involved, but outlined some of the measures already under way.

“Within NSA and DOD there are those seven million pieces of IT infrastructure and systems, and 15,000 different enclaves. Our intent is to take that and collapse it down into a cloud-like structure. We’re migrating from a thick client to a thin client. We’re going to collapse the number of enclaves...moving all that data to the cloud. Marking and tagging data – we’ll call that ‘smart data’ – has a tremendous advantage to share signals intelligence information with the rest of the community, in essentially real time, like we do on the battlefield,” he said. “That’s a huge step forward,” he said.

Another key measure is a pilot program in implementing IT efficiencies in the intelligence community, he said.

Using NSA’s Georgia, Texas and Hawaii offices as pilots, Alexander said members of the community have reduced their 5,000 applications in the cloud environment to 250, and cut by half the number of help desks at NSA.

“We had 900, we’re down to 450 and we’re going down to two help desks. We’re reducing data centers significantly to just 20 across our entire infrastructure, and we’re also looking at going to open-source software,” Alexander said.

He also said NSA will move all of its databases to a cloud environment by the end of this year.

Alexander stressed the importance of the moves and said they could have broader implications across the federal sector.

“We need to jump to this new architecture to ensure our security. We all have responsibilities to make sure we protect privacy and civil liberties and all the things that go with that. But at the end of the day, we’re committed to doing this better, faster, cheaper than before,” Alexander said. “What the intelligence community and the Defense Department are doing in cybersecurity is good for the critical portions of our government.”

Reader Comments

Wed, Oct 19, 2011 Josh Ohio

This is nothing more than an escalation of a militarily-invalid option proposed as if it's a real solution. AFNETOPS destroyed NIPRNet and it's not more defendable. Saving money only shows up where it's measured and the folks within each and every organization fail to measure agility during outage response. If you save $100 per user going to SAAS, or any other option, does it really matter when you have someone twittling their thumbs for 72 hours because their problem hasn't been fixed? Factor in their wages and you're operating at a net loss as an organization. While not focused on being a cloud provider, AFNETOPS isn't tactically sound and has pathetic response times to any and all requests. The problem with most of this is that the government likes to say "All or nothing!" In this case, these non-nerds at the top continue to toss around this word "cloud". "Everything must be cloud!" There's no hybrid thinking that some of your more critical services should be maintained in-house. As all your technical assets move to the cloud, training suffers, and your IT technicians find themselves deploying to in-leiu-of positions to escort convoys because their career field has been destroyed by "brilliant leaders." As a military tactician, you must include the main tenents of confidentiality, availability, integrity.....AND....agility and survivability. Ask the general this: If you part your cloud provider for email services in two regional data centers, eliminate the PSTN in favor of VOIP, and then continue to parade around everything you do online, how long do you think it'll be until those two regional data centers become primary targets in the next war (physical or cyber)? Along similar lines, as you whittle away the external vulnerabilites, you'll never get away from the internal ones, and the increasing scope of impact one "malicious" admin may have is potentially devastating. It's all about risk/reward, but these goals I speak of are left to the only thinkers remaining (those who think vs those who manage). Waiting for NIST to identify what the cloud is so everyone can move to it is like waiting for someone to tell you what a house should look like before you can build it. Sometimes, you just need a roof over your head, four walls, and a door. Your house might fall down, but it will only affect you. If your entire neighborhood sits outside in cold, waiting for instructions on how to build a house, they might all die. : )

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Comment:
Please type the letters/numbers you see above