Jack Wilmer: DISA Needs Security Tools to Defend DoD Apps in Commercial Cloud

cloud securityJack Wilmer, a Defense Information Systems Agency official, has said DISA needs to field tools designed to defend Defense Department applications from potential security vulnerabilities in commercial cloud environments.

Wilmer, vice director of the development and business center at DISA, told attendees of the MeriTalk Cloud Computing Brainstorm event that the need for such tools is one of the lessons that DISA learned when it migrated the first two DoD apps to the commercial cloud, DISA said Thursday.

“We need to define our relationships with cloud providers, and then find a way to have scalable solutions, at cost, for individual applications we take care of as a service out of our own data centers,” Wilmer said.

He noted that cloud service providers must comply with DoD’s cloud security requirements and the Federal Risk and Authorization Management Program standards to facilitate continuous monitoring and certification of cloud platforms and services.

DISA should also make changes to its culture and business processes as it works to integrate new CSPs and application owners and move DoD apps to the cloud, Wilmer noted.

“We need to train up operators in how to do business differently,” he said.

“They’re going to be getting different feeds of information, potentially with different levels of detail, through the CSP in different ways that they’ve previously accepted.”

Check Also

Data Science

OMB to Launch Data Science Training Program for Gov’t Employees in September; Denis Ortega Quoted

The Office of Management and Budget (OMB) is set to hold a free online training program aimed at refining the data science skills of up to 60 government personnel starting in mid-September 2020. Program participants will undergo eight hours of training every week to be followed by a two-month capstone effort in February 2021.

Leave a Reply

Your email address will not be published. Required fields are marked *