Cloud security and strategy: America’s next frontier
Shen Dingli
["china"]
Editor's note: Shen Dingli is a professor and director of Program on Arms Control and Regional Security at the Center for American Studies at Fudan University. The article reflects the author's opinions, and not necessarily the views of CGTN.
The Pentagon released its report on Cloud Strategy in December 2018. It recognizes the ever-growing demand to integrate security data for its military services, and the lack of resources to meet such exponential demand through traditional premises-based data centers.
The U.S. military is hence driven to tap those commercially existing cloud services for its use, given proper management of cloud security. In the report, the Pentagon listed seven objectives to go cloud and four strategic approaches and guiding principles.  
It seems that the U.S. military is spearheading its grand new strategy which could enlighten its counterparts around the world.
An aerial view of the Pentagon in Virginia, U.S. /VCG Photo

An aerial view of the Pentagon in Virginia, U.S. /VCG Photo

The primary driver for the U.S. military to go cloud is the daunting demand for using and managing data for the decision-making process of America's national security. This motive is obviously understandable simply by reviewing the U.S.' security decision-making process in the events leading to 9/11 – the U.S. had acquired information prior to the attack about the upcoming tragedy, but it didn't have a system to integrate the fragmented intelligence and piece them together.
The post-9/11 reorganization of the U.S. intelligence system has repaired such loopholes, but an integrated data system will improve it even better. Such a framework could apply to various aspects of America's national security, not merely with its anti-terrorism bodies.  
The report has also analyzed the strategic environment of the Pentagon. One can imagine all sorts of missions the U.S. military is expected to carry out, with anti-terror being one of them.
With all sorts of security data to migrate to the clouds, protecting the clouds outsourced by the U.S. military against cyber threats will become a paramount challenge. The report has called for enabling AI and data transparency within its system and, extending tactical support for warfighters.  
After all, the purpose of such digital military revolution is to win battles. The intent of such a transformation is to make the right decision and win wars, with smart data integrated and made use of in the most efficient way.
A sculpture commemorating 9/11 victims in New Jersey, U.S. /VCG Photo

A sculpture commemorating 9/11 victims in New Jersey, U.S. /VCG Photo

One would wonder if a commercial system could be compromised through hacking, which could endanger the U.S., instead of lifting its security threats. The report noticed the importance of taking advantage of resiliency in the commercial cloud already, and building additional protection layers for both security and efficiency, when necessary.
As the Department of Defense report indicates, such a move would bring about an IT reform across the department. It may be considered its latest institutional military reform, since the setting up of the Pentagon and National Security Council, and redefining national security in the wake of 9/11, through reorganizing its intelligence institutions. This could bring about profound security implications for generations to come.
This unclassified report has offered four approaches and principles to implement its strategy, by putting the warfighter first, using cloud smart and data smart analysis, leveraging the best practices of the commercial industry, and creating a culture better suited for modem technology evolution.
It is both a strategy geared for vision transformation and a read for the members of the U.S. Congress to be educated and therefore be cooperative in approving a budget request from the White House.
But the report could also be a wake-up call for the world.
When the rest of NATO is still reluctant to pay for their two percent share of their respective GDP as a contribution to a security alliance, the U.S. is moving way ahead. If they would follow the U.S.' move, they could end up with spending "non-cost-effectively" for what they couldn't benefit from right away. Nevertheless, if they don't follow, their defense competence could lag even more behind – they couldn't afford a time when the U.S. would leave them alone, flagging an "America First" banner.
Those who are not on good terms with the U.S. will be faced with a grim challenge of data race: a competition for their own data security in the age of the cloud.
How to maximize their own national security by outsourcing the commercial cloud while securing its processes? Simply put, not all countries could afford such data and cloud race. Instead of reaping the benefits of globalization, the world could be deeply divided into two camps: cloud rich and poor.
There is a strong rationale for America, and countries with the right means, to be cloud rich and strong. But it is crucial for them to pledge not to gain access to others' data without their consent.  
It would be even better if they could weave together a net of interstate cloud system that hosts shared non-sensitive data and isolated sensitive data. The U.S. and other powers should take the lead toward a shared future of the properly interdependent secure world.
(If you want to contribute and have specific expertise, please contact us at opinions@cgtn.com.)