When Congress and Cloud Collided

At a House Armed Services Committee hearing last week on the Defense Department’s IT investments, Rep. Jim Cooper, D-Tenn., mused whether “cloud” didn’t really stand for “Chinese Love Our Updated Data.”

Give Cooper and his staffers some credit: If you scroll to about the 1-hour, 35-minute mark in the video of the hearing, you can hear the creative acronym. (A Google search suggests Cooper may have coined the phrase himself).

A few people laughed, but the Pentagon’s acting chief information officer, Terry Halvorsen, certainly didn’t.

Nor did Lt. Gen. Robert Ferrell, the U.S. Army’s CIO; William Bender, the U.S. Air Force’s CIO and chief of information dominance; Marine Corps Brig. Gen. Kevin Nally; or Dr. John Zangardi of the U.S. Navy.

That’s because it was a stupid throwaway line that, if anything, undermined the otherwise intelligent questions Cooper came up with.

Pentagon personnel and other top tech brass across government have been working hard to make use of emerging technologies like cloud computing to save money, improve efficiencies and enhance military operations over the last several years. Any detailed reading of their efforts highlights rigorous security as so obviously paramount to mission success that equating cloud to uploading data to the Chinese is absurd.

One need only to look as far as the Defense Information Systems Agency’s recent security requirements guide to show that even DOD’s least sensitive data can only be stored in commercial servers within the United States.

In plain English, that means even data already available to the public – website data, for example – won’t be hosted in foreign servers. The same guide has increasingly stringent requirements for more sensitive levels of data, and it’s going to be a while before the Pentagon starts hosting classified data in any kind of off-premise cloud.

Cooper’s line reminded me of a famous Bushism that illustrated former President George W. Bush’s apparent technological ineptitude. During his 2000 election campaign, Bush coined the phrase “Internets,” which spawned a Saturday Night Live skit and countless Internet memes poking fun at people who don’t understand technology.

It’s too bad, too, because Cooper, a businessman by trade, had some solidly on-point questions for Pentagon IT officials. Cooper asked whether the Uniform Code of Military Justice ought to be changed “so that computer security becomes a value to be preserved” because of its increased importance worldwide.

Cooper also addressed outages, the Internet of Things, increased complexity of software that govern physical infrastructures and wondered out loud whether there are more “vulnerabilities here than this hearing has indicated.”

Halvorsen addressed Cooper’s questions, outlining the evolving security requirements industry will have to meet for DOD data to make it to the cloud and how both industry and the Pentagon will be accountable if data is breached.

He was also honest about the changing cybersecurity landscape. DOD is doing its best to address cybersecurity, but no solution is perfect, he said.

“I don’t think I can tell you that we’re perfectly secure -- that would be a ridiculous statement to make,” Halvorsen said.

About as ridiculous as suggesting that everything that goes to the cloud is automatically going to the Chinese.