ARCYBER Commander Says Implementation Key to Enterprise Cloud Security

The leader of the U.S. Army Cyber Command said enterprise cloud environments are not inherently secure. In contrast with experts who say such environments are safer because they enable faster threat responses, ARCYBER Commander Lt. Gen. Maria Barrett stressed that proper design and implementation are paramount for security.

She explained at the TechNet Augusta conference that most security issues stem from misconfigured systems or exploited collaboration or integration features.

According to Barrett, multifactor authentication, open-source code libraries and other solutions popular in the private sector will not suffice to secure the Army’s cloud environments.

Barrett warned that attacks on the Log4j vulnerability raise questions about the widespread use of open-source code libraries. She said the Army should maintain visibility into data from third-party libraries as it transitions to virtualized and containerized environments.

Barrett suggested additional steps such as automated checkpoints to reauthorize users. She referenced Gabriel Nimbus, a big data platform that is expanding the Army’s understanding of activities in its cloud environments, doubling the quantity of stored data and accelerating security incident detection, Defense One reported.