Cloud Exchange 2022: NNSA’s James Wolff on the classified cloud as ‘a real opportunity’

The National Nuclear Security Administration is testing the waters of classified cloud, embarking on multiple pilots. “We are looking at the classified cloud as a...

Part 1

Part 2

The National Nuclear Security Administration’s cloud journey looks a lot like other agencies in some respects.

The agency, housed within the Energy Department, has deployed commercial cloud-based technologies for functions like business automation, collaboration tools and analytics, said James Wolff, associate administrator for information management and chief information officer at NNSA.

But those deployments are largely on the agency’s unclassified systems, Wolff said during the Federal News Network Cloud Exchange 2022. The commercial market for cloud capabilities that can meet security requirements for classified data, however, is still relatively nascent.

NNSA has some of the most sensitive missions in government, with responsibilities to maintain the U.S. nuclear weapons stockpile, safeguard against nuclear proliferation and provide nuclear propulsion systems for the Navy.

It’s those classified mission systems where the agency has yet to leverage cloud-based technologies. “We are looking at the classified cloud as a real opportunity,” Wolff said.

Watching DoD’s JWCC, but not waiting on its own pilot

Wolff expressed excitement about the Defense Department moving forward with the Joint Warfighting Cloud Capability procurement. DoD plans to make the JWCC award in December. It will involve the four leading cloud providers: Amazon Web Services, Google, Microsoft and Oracle. And it’s intended to deliver enterprise cloud services at unclassified, secret and top-secret classifications.

“We’re looking at that with anticipation to be able to take advantage of the work that DoD is doing and move more of our capabilities on the classified networks into those systems when they’re available, when they’re proven out and have the right security,” Wolff said.

But he also said NNSA is “not waiting” for DoD to move forward with the massive procurement. The agency has already launched a pilot using Microsoft Azure to deploy a private cloud on a classified, mission network

“It looks and feels like a commercial cloud, but it is very controlled, and it is available only to us,” Wolff said. “That’s one end of the scale.”

The other end of the scale is a much larger experiment NNSA has planned for this year to test out deploying a commercial cloud in the agency’s internal classified network, akin to DoD’s Secure Internet Protocol Router Network (SIPRNet), according to Wolff.

“We do anticipate a pilot this year, getting some of our technical folks into that environment to test it out, to make sure that we have the right architecture, to be able to use it over the next couple of years,” he said.

“Scale is important,” Wolff continued. “Doing things at an enterprise level is important. All those challenges that we have in our normal work environments exist on the classified systems. … When you’re doing something in a common cloud environment, they’re building interoperability into that environment and it’s natural. That’s the benefit of what we’re seeing on the commercial, unclassified side. And that’s the kind of thing that we want to mirror on the classified: the security, the interoperability, the collaboration, but then also having a marketplace of strong tools.”

‘Generational shift’ in ERP systems

NNSA’s IT modernization is happening across a federated environment of labs, plants and other sites.

The agency is in the midst of a “generational shift” in its enterprise resource planning systems, Wolff said. Many of the agency’s ERP systems are 15 to 20 years old, and NNSA labs and other locations are in the process of upgrading and replacing them, in some cases with cloud-based technologies.

Wolff’s team at NNSA headquarters is focused on how it can best enable that modernization across the agency’s unique environments.

“How do we ensure that the team at one facility has an open path of communication to the team at the other facility that just finished the same project,” he said. “We’re working on those kinds of things together. Those are locally executed. They do the project themselves. And they have unique aspects about their business that they want to build into those ERP-type of solutions. That’s one way where the federation is important, and then the cross-organizational collaboration that we helped facilitate.”

In the case of cybersecurity, however, NNSA is taking a more centralized approach, he said.

“I see that going more toward an enterprise approach,” Wolff said. “We have a couple of enterprise-scale tools now. And we’re investing in a couple more, and I see that shaping into more of a central, consolidated, singular approach for some things. Certainly not for everything, but that will give us more transparency across the entire organization, more understanding, more ability to analyze the trends and understand what is happening across all the sites, and then work with the sites to remediate any issues that we may discover.”

NNSA tackles tech workforce challenges

The National Nuclear Security Agency faces many of the same challenges in recruiting and retaining cyber professionals common to other federal organizations, but it’s unique in that the vast majority of its workforce is made up of contractors who operate the agency’s labs.

At the headquarters level, Chief Information Officer James Wolff said his office is working with the human resources team to develop a “cyber retention pay” plan to help keep federal employees who could be attracted by higher pay in the private sector.

But he said the real challenge is the contractor workforce at NNSA’s lab, plants and sites.

“There are way more IT professionals at those spaces,” Wolff said. “So how do we make sure that they have the ability to find people?”

DOE unveiled a new internship program this year called the Omni Technology Alliance that offered paid summer internships for U.S. students with at least a 3.0 grade point average who are majoring in cybersecurity, information technology, engineering or related fields.

NNSA took advantage of the new program, which ultimately helped introduce younger people to the agency and DOE as a whole, Wolff said.

“It’s opening the aperture,” he said.

Wolff said one of his top priorities is focusing on the intersection between data science and cybersecurity. The focus fits into how NNSA wants to shift its cybersecurity posture from reactive investigations of incidents to continuous monitoring of systems for anomalous behavior and activities, he said.

“I have seen the market evolve where the cybersecurity profession, because of the many tools and many sensors and many capabilities, is now a data science problem,” Wolff said. “Hundreds of thousands of computers — you can’t monitor that with a person. That requires tools. And those tools are hard. And so we’re actively looking for data scientists that want to work in that space.”

Check out all the sessions from the Federal News Network Cloud Exchange 2022.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

Related Stories