A well-defined hybrid, multi-cloud strategy can help pave the way to digital transformation. During the DoD Cloud Exchange, we talked with Splunk’s Bill Wrigh...
“All too often, we discuss the benefits without the proper dose of reality,” said Bill Wright, senior director for North American government affairs at Splunk. Speaking, Wright added, “And the fact is digital transformation is hard. It’s hard, but it’s necessary.”
It’s necessary because the military is racing to reestablish its offset over rivals, Wright said at Federal News Network’s second annual DoD Cloud Exchange. Given the importance of cyberspace and information dominance, that pursuit demands an updated approach to information technology.
“The DoD stands at a critical juncture where adopting cloud capabilities — and doing it at speed and at scale — is essential if we are as a nation are going to maintain our military advantage,” Wright said.
Drilling down into the cloud piece of digital transformation, Wright said that among the top challenges he sees DoD organizations dealing with is managing a multi-cloud, hybrid environment. With microservices and containerized applications distributed across the enterprise, Wright said, agencies need the ability to cut through what he called a noisy environment. In that way they can detect and troubleshoot incidences quickly.
Whether because of a lack of asset visibility or an ever-expanding attack surface, “it’s difficult to secure a multi-cloud environment,” Wright said.
Wright characterized the challenges of managing and security in a hybrid, multi-cloud environment as primarily a data problem.
“Government agencies, especially Department of Defense agencies, are creating more data than ever before,” he said. “And all too often, they maybe fail to capitalize on the valuable information that they’re collecting. What can be gleaned from this data?”
Yet data analysis capabilities are crucial for Defense agencies “to truly modernize their IT infrastructure and enhance security,” Wright added. Useful analysis is a technical issue, in that agencies need the tools to deliver the total visibility and the data analytics they need. And it’s a human capital issue, as the government competes with the private sector for people with the right data science and cybersecurity skills.
For all its challenges, digital transformation using a multi-cloud, hybrid approach has significant benefits, Wright said.
“What we’re hearing from our customers, including DoD, is that they’re always looking for three things: flexibility, agility and cost savings. And that, in a nutshell, is the value proposition of a multi-cloud strategy,” he said.”
“A cogent well-thought-out cloud strategy will allow you to move quickly, be adaptive, innovate faster,” Wright said. “I think we saw a lot of this during the early days of the pandemic. Those agencies that leveraged cloud fared far better scaling and staying up and available for citizen services.”
The same tools and strategies agencies use for visibility into cyberthreats are also useful for other technical issues. They can help agencies foresee problems potentially leading to downtime. They can also give what Wright called “more granular transparency into costs, usage and capacity” to control cloud costs.
Moreover, a multi-cloud strategy also enhances the national security mission, he said. “It can be much more difficult for an adversary to take down digital services, if those services are distributed across multiple clouds,” Wright said. “With this multi-cloud strategy, you can have a cloud in reserve as a fallback position if primary clouds are taken down. Again, that kind of redundancy, that kind of resilience, is increasingly important, especially in this current global threat environment.”
IT practitioners in DoD have an emerging new policy framework under which to pursue and drive transformation. Wright cited the new DoD cybersecurity initiative for continuous monitoring of commercial clouds.
Beyond monitoring, he noted, the policy enables continuous authorization to operate (cATO). The use of cATOs “is an improvement upon the risk management framework that was sort of its predecessor,” he said, calling it “a great step from being on a passive footing to a more proactive approach to cybersecurity.”
To listen to and watch all the sessions from the 2022 Federal News Network DoD Cloud Exchange, go to the event page.
Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.
Senior Director, North American Government Affairs, Splunk
Host, The Federal Drive, Federal News Network
Senior Director, North American Government Affairs, Splunk
Bill Wright is Senior Director, North American Government Affairs for Splunk. Prior to this position he was Director, Government Affairs and Senior Policy Counsel at Symantec where he lead the Norton Cybersecurity Institute program and managed a number of global cybercrime and cybersecurity operational and policy relationships with governments and industry. Wright has more than twenty years of experience spanning the legal, policy, and operational spectrums of national security, law enforcement, and international partnerships. Prior to joining Symantec, he was Staff Director and General Counsel for two U.S. Senate Subcommittees focused on homeland security, government IT and oversight. Prior to the Senate, he worked in the Intelligence Community as a Senior Operations Officer at the National Counterterrorism Center Operations Center (NCTC). Wright holds a BA in political science from Hampden-Sydney College and a JD from DePaul University College of Law.
Host, The Federal Drive, Federal News Network
Tom Temin has been the host of the Federal Drive since 2006 and has been reporting on technology markets for more than 30 years. Prior to joining Federal News Network, Tom was a long-serving editor-in-chief of Government Computer News and Washington Technology magazines. Tom also contributes a regular column on government information technology.