As aerospace and defense (A&D) manufacturers balance agility and speed with the need for ever-increasing vigilance and security, they are also facing the daunting task of keeping IT systems aligned with their changing business strategies.
This conflict of speed versus security is especially challenging in the area of cloud computing.
The Department of Defense (DOD) Defense Science Board recently invested months to produce a report titled Cyber Security and Reliability in a Digital Cloud. To me, it’s clear they’re seeing value in cloud computing beyond cost reduction.
The DOD task force finds that, in many cases, deploying applications to cloud computing data centers increased cyber security, especially against less sophisticated threats. The team also concludes that cloud-based platforms are the most effective technology available for tracking, analyzing, and thwarting both simple and complex attacks.
Using advanced analytics and tracking algorithms, the DOD makes the observation that cloud computing data centers are significantly more secure than on-premise systems or the use of public cloud architectures.
Here is what I found to be particularly noteworthy:
- Cost savings of adopting cloud-based applications and systems are situational and highly dependent on an individual case-by-case analysis. The highest-performing cloud computing projects have very specific mission objectives and are measured across a series of operational metrics, not just IT or cost alone.
- The daily operation of DOD supply chains, ships, logistics systems, and machinery and weaponry (including tanks and missile systems) all generate massive amounts of data that needs to be aggregated, analyzed, defined into models and used for better decision-making. The report determines that cloud computing is ideal for managing the exponential increase in data being generated today by these systems.
- The future of cloud security in the A&D industry is cloud brokerages behind firewalls, where only unclassified data and systems are integrated to public cloud computing platforms. Recent studies by 451 Research of enterprise cloud computing adoption also reflect this trend. In the Forbes article on predicting enterprise cloud computing growth, internal private clouds are the top priority this year for 35 percent of enterprises interviewed.
- The scale of cloud computing and the data it generates from operations enables the analysis of packet and log data that provides new capabilities for event forensics and real‐time detection of malicious behavior. In conjunction with research from the Massachusetts Institute of Technology (MIT), the DOD cites this as critical to the future of cloud security development. The latest efforts in this area center on impersonating traffic workflows that provide randomized activity patterns, making it very difficult for hacking algorithms to determine which applications are in use. The latest advances are making the digital footprint of cloud applications nearly impossible to decipher and compromise.
- Service level agreements need to include much more than uptime commitments; they need to include metrics related to security as well. The study recommends that the key attributes of availability, authentication and authorization approaches, data processing and storage locations, software and data backup approaches, cyberattack event notification, required staff clearances and background checks, software and data disposition, and risk disclosure requirements and contingency plan all be included.
Making cloud computing even more secure needs to begin with a distributed data center strategy — one that ensures robust and elastic computing capacity across the global network of systems that the DOD and its branches rely upon. The authors of the study caution against a single Fort Knox-like approach to defining data center design and implementation, citing too many vulnerabilities. Instead, they recommend geographically distributed data centers supported with satellite links for real-time integration and support of collaborative workflows.
Feel free to contact E-SPIN for the various technology solution that can facilitate your aerospace and defense(A&D) infrastructure availability and security monitoring.