The U.S. Army is working to both leverage the advantages of cloud migration and simultaneously ensure data security, taking on what could be characterized as a paradox.
Cloud migration, which is expanding throughout the service at lightning speed, naturally brings a host of previously unprecedented advantages such as more ubiquitous data access, broader information sharing and what could be called a nearly instant ability to pull down the data needed to make time-sensitive combat decisions. For instance, multiple nodes across a dispersed attack formation could simultaneously access vital intelligence stored on a centralized server. The cloud advantage is often described as “centralized” information with “decentralized” networking, execution and information transmission.
“Munitions are sensors, air vehicles are sensors… I just see a plethora of sensors. It all comes down to the data. When you talk about the cloud, it is about having someplace for that data to go where it is successful. All that data has to be available and then it is all about having the ability to get the right data out of the cloud to the right shooter through the right C2 [Command and Control] node, so that then you don’t have these massive bandwidth requirements on every platform everywhere,” General John Murray, Commander, Army Futures Command, told The National Interest in an interview.
Murray, and his counterpart Bruce Jette, Assistant Secretary of the Army (Acquisition, Logistics & Technology), are working to accelerate cloud migration while also offsetting additional security risks potentially introduced by the process. In addition to massively expediting crucial warzone networking, the cloud can also present vulnerabilities by virtue of there being widespread access for potential intruders should they be able to breach a single point of entry. Part of the answer or approach to this challenge, intended to maximize cloud benefit while reducing risk, is to implement data-transfer organization and scaling.
“If you think about what a cloud is, it is a server with hard drives that can run programs remotely or transfer data via some network. I don’t always want to download all the data, but only the most appropriate information,” Jette told The National Interest in an interview.
Jette explained the dual-pronged approach in terms of transferring data from the “foxhole to the Pentagon” in a survivable way, an effort which benefits from efficiently structuring the data. Part of this emphasis is informed and strengthened by fast-growing applications of AI and computer automation which can instantly gather, discern and organize which data might be most in need for a particular combat scenario. Advanced, high-speed algorithms with instant or near real-time access to vast pools of data can bounce requests or new information against seemingly limitless amounts of information, quickly perform the needed analytics and prioritize the data needed for a specific scenario. This not only streamlines communication but also prevents larger pools of data from being more vulnerable to enemy penetration.
For example, a small, dismounted infantry unit on the move might have occasion to immediately access combat-critical intelligence data stored on a far-away computer system; perhaps there are documents pertaining to enemy weapons, movements or historic tendencies potentially of great value to attacking forces. Cloud connectivity can massively impact the tactical equation in circumstances like this, all while reducing the need for a large, forward-positioned hardware footprint.
“By properly scaling where you retain data and how much you replicate and update the protocols you can mitigate a lot of the risk issues that are there today,” Jette said.
Also, as part of this complete equation, there are instances wherein cloud utilization can add additional security benefits through software updates and increased virtualization. By moving beyond a more singular focus on perimeter security or hardware, cybersecurity initiatives can have a wide reach across the cloud through virtualized improvements. In essence, software upgrades can impact an entire network versus a more narrowly-configured application.
Jette, who oversees somewhere between 600 and 800 acquisition programs, addressed the now long-standing ASA ALT (Assistant Secretary of the Army Acquisition, Logistics and Technology) effort to engineer cyber resiliency into technical systems early in the developmental process; the intention of the initiative is to anticipate threats, harden weapons functionality and ensure prototypes are engineered to meet the requirements threshold they will ultimately need to reach prior to combat.
“On the cybersecurity side we have an extensive effort in firewalls, layered defenses, layered detection defenses encryption in transit and at rest so cybersecurity is preeminent in our application of these types of systems,” he said.