Two senior technology officials at the Department of Homeland Security (DHS) spoke in positive terms today about the benefits that cloud services are bringing to the agency, and counseled focusing attention on security responsibilities for other agencies also underrating cloud service adoption.
“The important thing is knowing what is the responsibility of the customer versus the service provider” and in the case of software-as-a-service providers, “knowing who is responsible for security of data,” said Luis Coronado, deputy CISO at DHS, at an event organized by ACT-IAC.
“We leverage the security provided by the cloud service providers,” said Steven Grunch, Executive Director, Infrastructure Services Division, at DHS. “They handle a lot of the security nuances … which allows us to do other things and move faster” to offer services than otherwise might have been possible, he said.
Grunch said that better network visibility is proving to be a big plus with cloud services. With cloud, he said, “everything is logged, and everything goes into data analytics,” and DHS receives a wealth of data and insight from service providers including who is on networks and why, and who is trying to change controls, among other items.
“We didn’t get that type of visibility from the data center” infrastructure that preceded cloud adoption, he said.
On the zero-trust security front, the DHS officials discussed the critical importance of data tagging to the goal of zero trust. Responding to an audience member’s question, Coronado said that intelligence agencies in particular have done a “really good job on data tagging,” but that he didn’t know “if we will get to that level on civilian networks.” He added, “that might be something to strive for.”
Discussing “digital transformation” in the mobility context, Grunch said the definition of transformation “starts with what you want your customer experience to be.”
Coronado said that creating the ability to execute digital signatures from mobile devices is important to his operation, and “something we’ve been looking at and studying for a while.” He said the Defense Department (DoD) uses a solution for that, but said in his view that it wasn’t too “clean.” He added, “The ability to digitally sign would be huge.”
Discussing emerging concerns, the DHS officials flagged the progress of quantum computing technologies, and some potential downsides of advancements in machine learning (ML) and artificial intelligence (AI) technologies.
Coronado said he was keeping an eye on quantum computing achievements, including such as that claimed by Google last month, and the ability of quantum computing technologies to greatly weaken current encryption technologies. “We don’t know when” that point may arrive, he said, but added, “it’s still a ways off.”
And both officials mentioned that AI and ML technologies can become a concern for security, in part because they can allow adversaries to improve attack methods.