Article previously published by Breaking Defense, February 28, 2024
In this Q&A with Maximus, we talk with Frank Reyes, Cloud Solutions Leader, and Michael Sieber, Senior Director, Cybersecurity, Defense Market, Federal Services, about: enabling high-bandwidth, low-latency cloud communications and threat analysis; the need for standardization and interoperability in DoD clouds; and the modernization of legacy applications to support multi-domain operations (MDO) in the cloud.
Breaking Defense: Cloud computing modernization and rapid adoption of cloud depend upon advanced cybersecurity and data protection. What challenges does the DoD face in this respect and as it relates to multi-domain operations?
Reyes: I want to start with applauding the Department of Defense and specifically the DCIO as the only agency out of all 24 Chief Financial Officers Act agencies that got an A from the U.S. Government Accountability Office for their cloud computing area. That comes from them knowing that the cloud, along with cybersecurity, is the key enabler to allow them to address the challenges of protecting sensitive data.
That means integrating legacy systems with modern cloud solutions, and balancing that with the security and compatibility challenges. Legacy system integration is going to be key as we’re seeing different levels of maturity in the cloud.
In terms of impact on multi-domain operations, other challenges relate to the security of sensitive operations between the on-premises and cloud environments. How do you maintain that along with operational efficiency, and how do I make it so that my end users have all the data they need down range?
Michael Sieber is a senior director, Cybersecurity, Defense Market, Federal Services, for Maximus.
Sieber: The DoD is coming off the heels of 25+ years of counterinsurgency operations where they needed to extend communications platforms to the tactical edge, which was fairly easy to do in uncontested environments.
Now, in a time of competition and potentially preparing for conflict with an advanced adversary, the requirements and capabilities have changed significantly. Gone are the days when we had communication and information dominance. The DoD is now competing for information dominance across networks while operating on land, sea, air, cyber, and space.
We’re dealing with threat actors that have advanced capabilities that can gain access to networks undetected and live off the land, blending in with normal network activity while conducting malicious activity. That means the posture an organization takes to protect and transport data to the tactical edge has to change.
Reyes: The shorthand of MDO can sometimes gloss over the challenge associated with combined land, air, sea, space and cyber operations. How you do data protection and threat detection is still an evolving strategy.
With data encryption and segregation in each of these domains at the edge, the goal is to implement advanced encryption techniques to protect the data at rest and in transit. It’s also to ensure data segregation to prevent cross-domain security breaches while still giving operators the information they need, when and how they need it.
Breaking Defense: How is digital transformation and edge computing enabled by the cloud?
Reyes: DoD is already making investments in edge computing in tactical environments to unlock some of the investments that they’re putting into other areas like AI, machine learning, and automation. That means deploying those capabilities to process the data closer to the source to reduce latency and ensure real-time data analysis in field operations. It helps to do as much of the data encryption, segregation, and threat intelligence as you can in the field and not having to do back haul.
Speaking from the Maximus perspective, one of the best ways to accelerate digital transformation is collaborating with industry. We have the benefit to experiment in our own time and to develop capabilities for a variety of customers. We want to share those learnings and bring those capabilities to the DoD for their digital transformation initiatives.
Sieber: When you look at multi-domain operations you’re talking about systems integration across the board. I look at the CJADC2 concept as a forcing function to figure out how to coordinate information throughout all domains to develop the complete operational picture.
That’s going to improve your situational awareness from the point of view of supporting efforts. If you’re the main effort on the ground with supporting efforts in the air or in cyberspace, it’s important to understand how those are going to impact your operations – such as having the ability to call in close air support to complement you in case a contingency operation is required.
When I look at digital transformation and pushing data out to the tactical edge, cloud computing comes into play because it’ll also help with standardizing data formats and protocols used in transport layers to make sure that information can get to the edge quickly.
Breaking Defense: How will standardization of data formats and protocols help industry develop solutions that translate into usefulness for cloud applications?
Sieber: Standardization is still the backbone from a data-transformation perspective. Coming back to transport, much has changed over the past decade and you need to make sure that you have the standardization in place where you are tailoring information so that the end user has access to that immediately. That in and of itself deals with information at multiple security layers.
We’re talking about a mixture of classified data, ISR feeds, and unclassified information that impacts the operating environment. Standardization allows us to build tailored defense solutions that get the right information to decision makers at the edge.
Reyes: We understand that each of the DoD mission areas and owners have different needs. The idea of standards isn’t new. For example, aircraft platforms have the 1553 data bus which the sensor suites and onboard avionics computers have to be able to communicate across to be used on the aircraft.
That’s why the AC-130 gunship, a platform that has been in use since the 1970s and is still used today, defines that standard and subsequent interfaces there. That means you can add a Lockheed Martin Hellfire missile, a Boeing Small Diameter Bomb, Raytheon Griffin missiles, and a new 105 mm gun or 30 mm chain gun. They all are interoperable and ‘plug and play’ because they’re just systems that the computer sees, commands, and responds to.
Bringing that mindset into the IT space is going to be key. And it’s not something that is foreign. Just look at the commercial market, there are nearly two million apps in the Apple app store and all of them use the same operating system standard, GPS standard, accelerometer standard, and so on.
Focusing on the interfaces, standards, and interoperability unlocks a lot of innovation if done right.
Breaking Defense: Final thoughts?
Sieber: Digital transformation through cloud-based services and cybersecurity are important to the transport layer as you push communications to the tactical edge. They’re critical aspects of transport and transport-layer security, and need to deliver secure comms through to men and women in uniform.
Reyes: Advanced cloud technologies and superior cybersecurity practices are certainly going to help address the challenges for future warfare in MDO, but our greatest assets are our men and women on the ground. All this technology only exists because we’re here to enable those individuals.
Lastly, this isn’t all industry solving the problem or all DoD. We have to collaborate to drive innovation and secure the digital transformation initiatives that our military needs.