|Targeted News Service|
HANSCOM AIR FORCE BASE, Mass.,
Numerous regional cyber leaders convened at
Organized by the
ACSC Executive Director
Toward that end, two Hanscom senior leaders, Director of Engineering and Technical Management
Stamey discussed the edge Hanscom program specialists bring to U.S. warfighters: a full spectrum of command and control that harnesses space, air, terrestrial and cyber assets.
"However, that asymmetric capability is probably also our top vulnerability," he said, noting that protecting the various systems and the data they produce is a constant challenge. But protection efforts aren't sufficient against the most advanced and persistent threats, he said. The
Protecting systems and data - either by shielding them from attack or enabling them to rapidly reconstitute - doesn't necessarily mean keeping everything in a locked room nearby though. Forum discussion centered, in fact, on analyzing whether and when it makes sense to store data in "clouds," huge, remotely managed data centers with great capacity and built-in security.
"I started out anti-cloud," Rudolph said during his presentation. "I wanted to control the network, the computer and storage." Over time, however, he has become a strong cloud proponent, arguing that working within the cloud is far more cost-effective and that it generally offers enhanced security, with control features that reduce spillage and vulnerability to attack.
He spoke about the U.S. government's federal data center consolidation effort, emphasizing that the ultimate goal should be "to get to zero," meaning no reliance on government-operated data centers. For now, however, the federal government will rely on a hybrid model that combines private cloud, public cloud and traditional data centers, he said.
A panel discussion among industry "cloud adopters" revealed similar sentiments, with early skeptics gradually developing increasing trust.
"Three months ago, if you asked me about the cloud, I'd have said 'Hell, no,'" said
Cloud providers themselves were also on hand and were quick to offer assurances.
Third party audit results and the opinion of technical peers are among the things information security managers can use to build confidence in cloud providers, according to