Insights from SOF Week 2023
May 25, 2023
Challenges in the Special Operations Community
Our Greymatter team recently attended SOF Week, a premier convention for Special Operations Forces, held in Tampa, FL.
SOF Week brings the Joint Special Operations community together with industry to discuss today’s critical mission challenges and highlight potential technology solutions. This year’s event centered on data, cybersecurity, and collaboration challenges.
Chris Holmes, CEO of Greymatter.io, chatted with Francis Rose, Host of Fed Gov Today, about the major cyber challenges faced by the Special Operations Forces (SOF) community.
Hear what Chris has to say about:
- How current cyber tools primarily focus on perimeter security, but as cloud technologies extend to disconnected environments, achieving zero trust compliance becomes challenging.
- Why extending security measures to applications, message traffic, and APIs is essential.
- Reasons that fortifying the core infrastructure poses a significant hurdle.
- How restricted access is crucial to prevent unauthorized exposure of sensitive data.
- Reasons a service mesh network is necessary for overseeing all elements, enabling comprehensive audits and automatic synchronization.
What are the big cyber challenges that the SOF community is facing right now?
Many current cyber tools primarily focus on perimeter security, such as Software Defined Perimeter and firewalls. However, as the community moves towards adopting cloud technologies and extending them to disconnected environments like backpack servers or Humvees, it becomes evident that the perimeter expands beyond initial expectations.
“I like to use the analogy of a hard piece of candy – when you bite into a candy, it’s gooey on the inside. While many focus on the outer shell, not a lot pay attention to the gooey inside where the real challenges lie. But when you’ve got Presidential executive orders, and this guidance saying ‘you’ve got to be zero trust’, zero trust is way past that hard candy shell, and it’s inside the gooey center.”
Extending security to applications, message traffic, and the growing number of APIs across the enterprise means managing the risk of introducing vulnerabilities that allow unauthorized access to data. Greymatter’s focus is on fortifying the core infrastructure, ensuring precise identification and secure audits. This remains a significant challenge.
What is the implication for zero trust mandates for edge computing?
“You can’t just take APIs, you can’t just take data and throw it in a database and put it on a server anymore, that’s gonna go in the back of a truck.”
Instances have surfaced where individuals attempt to deploy a Postgres database or an Elasticsearch index on a server that will be transported in a truck. The concerning part is the lack of security measures in place.
Ideally, access to the server should be restricted to prevent unauthorized exposure of sensitive data. Achieving zero trust compliance necessitates extending security measures and identity management down to the level of the Elasticsearch index, database, and APIs, leaving no room for vulnerabilities.
What does all of this look like in a mature state?
“It is a very complex, complicated environment, but it’s doable.”
The process is quite intricate. A service mesh network must be established, overseeing all elements within the environment. It should gather information from devices, including data access on both forward-deployed devices and servers, ensuring comprehensive audits.
Additionally, when forward-deployed devices return and reconnect, the organization’s CISO arm should automatically synchronize with the network’s collected assets. This synchronization enables reporting, security scorecards, and easy identification of data interactions in the field. It also allows the collected data to be analyzed for potential malicious intent before it is integrated into the organization’s networks.