DISA's Bennett Urges Caution Leaping Into Cloud

By Christine Kern, contributing writer

The U.S. Department of Defense (DoD) is facing a daunting challenge in creating a cybersecurity position, in large part due to the different levels of mission risk at the department.

“Cybersecurity should vary by mission,” DoD Deputy CIO Richard Hale said Sept. 10 at the MeriTalk Cloud Computing Brainstorm event. “Right now we are trying to step back from this one-size-fits-all model and recognize the reality that different missions have different risk tolerances, and that we can’t imagine them all.”

He says the DoD is taking a different perspective and attempting to create zoning in its computer infrastructure by mission risk. This includes distinguishing computer servers from user computing, a necessary step before the ability to go fully mobile.

An FWC article says the next step for DOD will be to assess results of pilots and early stages of moving to the cloud.

David Bennett, CIO at the Defense Information Systems Agency (DISA) stresses, however, that the transition to cloud computing must be to be approached cautiously.

Also a guest speaker for MeriTalk, Bennett acknowledged “the cloud is a very viable scenario” but points out the need to carefully consider which data sources and applications are suitable are a fit for the cloud.

“Everybody's looking at cloud as being the answer to all issues,” Bennett says, “but we need to understand what it means to start to leverage the cloud as we go forward.” An IT News article reports that Bennett also stresses that cloud deployment requires continuous monitoring in a cloud deployment.