Connect with us

Hi, what are you looking for?

Hard News Hard Hitting News Source Global Political News

Cyber Security

DOD’s Forecast Post-JEDI: Multi-Cloud with a Chance of Peril

The Defense Department’s needs are diverse and have become even more disparate amidst the post-SolarWinds landscape.

The Pentagon’s abandonment of the Joint Enterprise Defense Infrastructure, or JEDI, contract was an anticlimactic demise for the once visionary single-cloud network.

As far back as 2019, the Defense Department acknowledged that 10% of its cloud would stay with Amazon Web Services and Google; but on paper JEDI’s benefits were clear. It would have been a streamlined, unified approach for DOD’s unclassified and classified networks. Teams would only have to understand and master one solution. And the reduced complexity of a single cloud would theoretically minimize the accessibility of DOD’s network vulnerabilities.

However, the protracted legal battle pushed JEDI past viability. While the cloud titans fought for their slice of the pie, other actors within the federal government, most significantly the intelligence community, transitioned to a multi-cloud network. As a result, the decision to retire JEDI is best seen as an inevitable step toward DOD’s multi-vendor destiny.

In fact, it will now pursue a diametrically different solution through the Joint Warfighter Cloud Capability, called JWCC, a multi-vendor indefinite-delivery, indefinite-quantity contract. Now, Amazon, Microsoft, Google and other cloud vendors may each get a piece and provide their clouds for one of the most complex and sensitive networks on earth. 

During the two-year delay, the premise of single cloud networks faced its own battles. It was common for senior management from both public and private sectors to erroneously view a single cloud as infallible. In reality, this was repeatedly disproven. Vulnerabilities found in on-premise networks were replicated or dragged onto the cloud. Meanwhile, these overtaxed cyber and network teams aren’t failsafe themselves; to deploy at scale, cloud administrators do everything from the command line to the scripting, and 99% of cloud security failures over the next five years will be caused by human error, according to Gartner in 2017. These weaknesses are amplified by recent devastating ransomware incidents, which have eroded perceptions of federal security inside the beltway. So, while multiple clouds do add to the complexity of a network, a single cloud was never a silver bullet.

The Pentagon’s multi-cloud future offers both promise and peril. DOD’s needs are diverse and have become even more disparate amidst the post-SolarWinds landscape we find ourselves in. Some vendors are demonstrably better at some things than others: often developers prefer Azure, whereas many give Google Cloud the gold from an artificial intelligence perspective. By utilizing the best parts of each vendor, DOD teams can tailor their own cloud best suited for both their classified and unclassified networks. But an experienced Amazon Web Services architect is unlikely to possess the same understanding of Microsoft Azure, and vice versa. And while Amazon Web Services and Google’s virtual private clouds may share the same nomenclature, their configurations are poles apart. Those extremely rare architects who are cloud solution polyglots are likely employed in the private sector with salaries higher than what the federal government could offer. 

And complexity remains the eternal enemy of security. By combining different vendors and teams of engineers, the Pentagon has opened a Pandora’s box. Its cyber defenders must be essentially multi-lingual to work seamlessly within and between different cloud networks. And because a ‘lingua franca’ between vendors is impossible for now, it’s even harder to find engineers with some level of fluency in each to fully understand their network environments. Cyber teams are rarely experts on all aspects of every cloud network, regardless of what leadership may assume.

While the cloud titans had both the time and the money to scrap it out over JEDI ad infinitum, our nation’s national security had neither. Abandoning the contract was both a necessity and an inevitability. The Pentagon’s multi-cloud future must now draw on the best of every solution in the market without compromising on security.

Source: https://www.nextgov.com/ideas/2021/07/dods-forecast-post-jedi-multi-cloud-chance-peril/183867/

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Cyber Security

A top Defense Department official described the private sector as “absolutely essential” in implementing the agency’s new cyber strategy. A top Defense Department official...

Cyber Security

The nation’s cyber defense agency is building onto White House efforts to secure schools’ systems nationwide with the help of major education software companies....

Cyber Security

A new report says a cyber threat actor within Russia’s military intelligence service leveraged a novel malware campaign targeting Android devices used by the...

Cyber Security

Malware leveraging flaws in edge routers has been spying on military contracting websites, according to research from Lumen’s Black Lotus Labs. Malware leveraging flaws...

Copyright © 2023 Hard News Herd Hitting in Your Face News Source | World News | Breaking News | US News | Political News Website by Top Search SEO