Cloud

Halvorsen to industry: 'Let's be real' with each other on cloud data

Terry Halvorsen

Acting Defense Department CIO Terry Halvorsen on Jan. 29 called on commercial cloud providers to own up to the challenges of data liability and information sharing, measures he sees as instrumental to the Pentagon reaping the benefits of the commercial cloud.

"When you lose our data that's in your cloud, you have all the normal liability issues, but let's be real, you're dealing with DOD…you also have a bit of a political liability," Halvorsen said. "Our data gets lost, it's going to make the news. It's going to get interest [from] Congress, it's going to get interest [from] the American people."

Halvorsen's blunt talk at a DOD cloud industry day held at the Commerce Department was the latest step in the Pentagon's effort to court the private sector for cloud services. In tight fiscal times, DOD officials are trying to balance the savings likely to come from more commercial cloud adoption with the security risks of moving too fast.

The Pentagon's top IT official said he has heard plenty of concerns from cloud firms about what he called the "political liability" of doing business with DOD, but told the audience that is the cost of entering the potentially lucrative DOD cloud market.

"This is going to have to be…a much better partnership between industry and government in how we do this in a way that makes you money," Halvorsen said.

The only way a multiple-cloud environment is "going to work effectively, efficiently and securely is [if] we share common data," he added. "Particularly in the security area, we're going to have to have common infrastructure, common sensors, common data exchange – and it has to cross government and industry boundaries."

At a press briefing at the event, Halvorsen said that within 90 days he expects DOD to stand up "cloud access points" -- key elements of the security apparatus that connects DOD information networks to the commercial cloud. The Defense Information Systems Agency has been conducting a pilot project to test the speed and security of the CAPs, Maj. Gen. Alan Lynn, the agency's vice director, said earlier at the industry day.

Halvorsen told reporters that that the CAPs are crucial for cloud security because it reduces the number of potentially vulnerable connections to commercial networks.

Halvorsen also revealed during his remarks to industry that the next version of the unclassified part of DOD's enterprise email system "will be a completely commercial solution." He explained that decision to reporters by saying, "I think that the commercial industry has certainly shown that they could do an unclassified email at a lower price."

The cloud industry day, which drew several hundred commercial and government cloud practitioners, caps a busy several weeks for DOD's changing cloud policy.

DISA, the DOD agency in charge of IT infrastructure, on Jan. 12 released a security requirements guide for commercial and non-DOD cloud providers. The document is aimed at simplifying the selection process by reducing the number of "impact levels" for sensitive information handled in the cloud.

And in another move intended to quicken the Pentagon's adoption of the commercial cloud, Halvorsen issued a memo on Dec. 15 that allowed the military services and other DOD agencies to procure commercial cloud services rather than leaving that authority to DISA.

About the Author

Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.

Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.

Click here for previous articles by Lyngaas, or connect with him on Twitter: @snlyngaas.


Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.