Securing Cyberspace through Cloud
Interview with Chris Bailey, General Manager for Global National Security at Amazon Web Services (AWS)
In his appearance at Defence Disrupted on 19 May, Chris Bailey, General Manager for Global National Security at Amazon Web Services (AWS), discussed why Defence Departments should capitalise on the inherent security benefits that come from accelerated cloud adoption. We caught up with Chris after the event to dive a little deeper…
I. Why is it so important to accelerate digital transformation in defence?
Governments worldwide are recognising that digital transformation is imperative in the current global threat context. Recent major cyber incidents have highlighted how much organisations depend on the resilience of their digital operations. This applies equally to Defence structures. Digital transformation equips military organisations with the innovation, agility and speed they need to achieve their missions. A key theme at Defence Disrupted was the need for a rapid acceleration of digital transformation in this sector. Cloud technology is a key enabler in this respect, as it allows mission-based applications and services to be developed in a very agile way, scaled when needed and without excessive cost. It also provides defence organisations with the baseline for cyber security that they will not achieve with legacy IT infrastructure, as on-premises solutions are unable match the breadth and constantly updated suite of security solutions available with the cloud. In short, you can’t focus on speed and innovation if your foundation is not solid. As my AWS colleague Sean Roche said in 2018 when he was in government: ‘The cloud on its weakest day is more secure than a client server solution.’
II. From your experience in the U.S. and internationally, what are the key ingredients for achieving rapid defence digital transformation?
There are three components that I believe will be critical to defence digital transformation – leadership commitment, skilled workers and public-private cooperation. The main ingredient is strong leadership and commitment to progress at the top of defence organisations. Leaders must acknowledge the urgency of the situation. Second, we need to equip people at all levels with the skills and training they need to leverage new technology. Cloud technology is the new normal, with the majority of technology start-ups being “born in the cloud” and virtually all recent graduates in computer related fields having been educated on cloud technology. We need to focus on upskilling from legacy systems to training on cloud and associated technologies such as big data or artificial intelligence. Finally, it is imperative that leaders commit to advancing genuine public-private cooperation on their defence digital transformation; especially on cyber security – the bulk of the R&D underpinning innovation lies in industry. As we’ve heard from U.S. President Biden’s recent Executive Order (EO) on Cyber Security, as well as the speeches of senior British Ministers at the National Cyber Security Centre’s CyberUK conference, there are important steps being taken around the world to deepen public-private cooperation, which can to strengthen cyber resilience, not least through supply chain. Cloud offers the opportunity to achieve this at scale.
III. Can you offer any specific examples of effective public-private cooperation on cyber security issues, and how can this collaboration be strengthened?
In the UK, the National Cyber Security Centre (NCSC) is taking critical steps across the economy to promote the security benefits that can come from cloud adoption (HERE). I would also highlight the NCSC’s Active Defence programme as an excellent partnership. We are proud of the role AWS plays in helping it to scale up the Web Check service (HERE), which helps the UK public sector find and fix vulnerabilities. More broadly, collaboration can be strengthened with a more widespread understanding that better security can be achieved with the adoption of cloud services. For its part, the MoD has recognised this with its recent blog post ‘More Secure in the Public Cloud’ (HERE).
In the U.S., we have seen in President Biden’s cyber security EO that public-private cooperation is essential in sharing information, supply chain, infrastructure protection and other areas. The EO also recognises the risks associated with legacy IT software and the urgent need to “accelerate movement to secure cloud services.” AWS is actively engaged in helping governments around the world on this journey.
IV. AWS is rare if not unique in some ways of both supporting the largest Defence departments and suppliers, as well as the smallest and most innovative SMEs and start-ups. Creating strong and resilient national security infrastructure has always relied on a public-private ecosystem. How do you see this ecosystem evolving over the next 5-10 years?
At AWS, it all starts with the customer – we call it customer obsession. Our approach is as unique as the customer missions we support. We look for the biggest challenges and work hard to find new solutions. Two quick examples are; first, for over 6 years AWS has been operating a commercial cloud capability that allows defence and national security customers to host classified government workloads across all levels – including the most sensitive. A second example is AWS Ground Station (HERE); this allows large and small satellite operators to leverage an “on-demand” model for antenna and ground station – lowering the cost for satellite operations and dramatically increasing innovation in space. We are seeing global defence and national security agencies leveraging these capabilities. By the way, neither of these capabilities was even imagined 10 years ago.
I also want to highlight the innovation that partners deliver. We are proud of how AWS invents, but our invention is amplified by orders of magnitude through companies that build on AWS. We place a strong emphasis on working alongside the thousands of organisations who are part of the AWS Partner Network (HERE) - what we call the APN - to support customers, including in defence. We are also excited around the prospects for new innovation which will emerge on AWS from cloud born entrants that we don’t yet know about. Some of these may have attended Defence Disrupted to find out about how to support defence organisations for the very first time, and that is incredibly welcome.
Over the next 5-10 years, the impact of this community on Defence innovation will only increase. As commercial cloud becomes more common in Defence departments, they will immediately benefit from the constant innovation that cloud provides. This will energize a new wave of innovation designed to solve the biggest challenges in national security. I can’t wait to see what is imagined and invented in the near future. The future is very bright.