Posted on May 29, 2014
Last week, I had the pleasure of moderating a panel on Cyber Security in the Cloud—a “Hillversation” event hosted by the Cloud Computing Caucus Advisory Group. The Caucus is a non-profit, non-partisan coalition of technology companies and industry groups focused on educating lawmakers and the public about cloud computing.
The event took me to the Hill’s Rayburn House office building, where an esteemed panel of cloud and cyber experts discussed challenges in cloud adoption, security features of the cloud and their own agencies’ experiences shifting data to the cloud.
Speakers included:
- Congressman Darrell Issa (R-Ca.): One of the seven Congressional members of the Cloud Computing Caucus and Congressional founders of the Caucus.
- Stephen E. Schimdt: VP and CIO at Amazon Web Services
- Dr. Patrick W. Dowd: CTO and Chief Architect at the National Security Agency and Central Security Service
- Terry Halvorsen: CIO at the Department of the Navy and soon to be Department of Defense acting Chief Information Officer
- Matthew School: Deputy Division Chief in the Computer Security Division at the National Institute of Standards and Technology (NIST)
- Congressman Gerry Connolly (D-Va.): An impromptu speaker and co-founder of the Caucus who encouraged all attendees to stop by their representatives’ door and make sure they understand the benefits of the cloud.
Congressman Darrell Issa (R-Ca.) kicked off the event, saying that cloud computing is a game changer, and I couldn’t agree more—we’re already seeing how the rise of public, private and hybrid clouds is impacting data security policies. Now that cloud is the new normal, these policies must be updated to combat the fluid security landscape.
Stephen E. Schmidt spoke about his experience launching and spreading the word about AWS services. I walked away from the event thinking about a few ideas that Schimdt discussed: One, that we should experiment often and fail without risk, and two that how we approach IT security is a persistent undertaking of reform.
At Booz Allen Hamilton, we wholeheartedly embrace this approach to technology driven innovation. We’ve been bold in developing new products, testing new platforms and experimenting with the latest data analytics tools and cloud environments. Our focus has always been clear – what can we be doing to help our clients succeed today.
And this must be our focus, because our clients are faced with increasingly difficult regulations, threats and requests to reform. For example, my fellow panelists addressed the “elephant in the room,” better known as the upcoming deadline for the Federal Risk and Authorization Management Program (FedRAMP). Federal agencies have until June 5 to certify their cloud systems and ensure that those systems meet a strict baseline of security standards and it’s a race to the finish to ensure that everyone meets these requirements by the deadline. While those of us on the panel know that FedRAMP alone will not solve the issue of securing the cloud, it is a massive step forward for cloud regulation and security.