DeciSym and Sylabs recently joined forces to develop a virtual data fabric for the Department of Defense. The Measure & Share Storage Virtual Fabric addresses a specific and critical need within the DoD to improve the efficiency and effectiveness of cyber testing, allowing accurate information sharing across organizational and classification enclaves.
By using advanced container technology, this collaboration leverages the capabilities of Sylabs SingularityPRO and Singularity Enterprise, which will serve as critical infrastructure for enabling the packaging and sharing of data in tiered compartments with credentialed analysts.
According to Don Pellegrino, CEO and founder of DeciSym, the containerization technology provided by Sylabs has helped address a key challenge: The successful utilization of artificial intelligence and machine learning in the staging and prepping of data to make it scientifically reproducible — all while maintaining security protocols such as encryption and identity verification.
- What is a virtual data fabric?
- What is the Measure & Share Storage Virtual Fabric?
- Shortcomings of current cyber testing practices
- Benefits of using a virtual data fabric for cyber testing
- Implications for cyber testing at the DoD and elsewhere
What is a virtual data fabric?
A virtual data fabric is an online database structure that allows users to easily access, store, manage, analyze, share, search and visualize large amounts of disparate data from various sources. It works by connecting multiple databases or applications together into one cohesive system where they can be used effectively.
This differs from a data fabric because it is a virtual infrastructure and can be accessed on demand from anywhere. The container typically comprises three layers: connection, virtualization and consumer (Figure A).
A connection layer
This includes all the adapters that interact with all the databases, typically in different formats and systems. The adapters are responsible for transforming the incoming data into a format that can be used in the virtualization layer.
A virtualization layer
This manages all the objects and rules that enable the consumer layer to access the data from different sources. This is where the “magic” happens, as it allows for compute-intensive operations such as aggregation and analysis.
A consumer layer
This is where the users access the data. The virtualization layer allows for user-friendly apps, tools, interfaces and data sets to be created, allowing the users to aggregate and explore different datasets efficiently.
What is the Measure & Share Storage Virtual Fabric?
The Me&S Storage Virtual Fabric will enable the DoD to securely ingest, store, manage, analyze and share data in support of its cyber testing operations. The fabric will provide enhanced speed, accuracy and scalability for mission-critical tasks such as test deployment.
Shortcomings of current cyber testing practices
According to a tender solicitation distributed by Tradewind, the company contracted to accelerate the DoD’s adoption of data, analytics and AI, the DoD currently relies on a hierarchical and “independent event” approach when it comes to cyber testing, which can be inefficient, ineffective and costly.
As a result, test events do not build upon past testing, and subsystems are often tested multiple times using the same tactics, techniques and procedures. This is a major issue because it prevents DoD leadership from understanding the actual risk posture of its systems and missions.
DeciSym and Sylabs have proposed solutions that include developing a mechanism to integrate cyber test results with real-world observed activities or other types of system performance testing, determining the return on investment for cyber testing, and creating a way to promulgate test results to the test and evaluation community.
In addition, solutions suggested by DeciSym and Sylabs include devising a universal mechanism to quantify the efficacy of a cyber test or quantify system readiness for testing and disseminating specific cyber TTP test vectors that have been used during testing so they can be reused.
Benefits of using a virtual data fabric for cyber testing
The use of a virtual data fabric in general has many potential benefits for cyber testing for most organizations that face similar shortcomings. Integrating cyber test data into one cohesive platform allows operators to quickly access all necessary information to make informed decisions about the organization’s preparedness based on current risks, threats, test results and mitigations.
In the DoD case, the Me&S Storage Virtual Fabric platform offers insights into cyber resilience so that leadership at all levels can understand the overall risk posture posed by systems and missions tested using this technology.
It is reported to drastically reduce complexity when it comes to integrating data from multiple sources while simultaneously streamlining collaboration efforts across organizations. It also increases testing efficiency and provides analytical results that display confidence in mission-critical decisions.
Ultimately, the Me&S Storage Virtual Fabric could lead to increased security through improved testing practices and reduced costs associated with T&E operations due to quicker turnarounds on mission-readiness assessments.
Implications for cyber testing at the DoD and elsewhere
The partnership between DeciSym and Sylabs is expected to revolutionize DoD cyber testing operations. By using advanced container technologies, this virtual data fabric solution introduces an efficient and secure way of packaged information sharing across organizations while providing tiered compartmentalization.
This technology promises better security for both operational missions as well as future projects looking toward implementation within the DoD. It has the potential to reduce complexity during integration processes while simultaneously increasing test efficiency.
The implications of such a solution go beyond just the DoD; they can have a positive impact on an organization’s cyber testing practices by reducing data integration complexity, providing a clear view of system risk postures, increasing the efficiency of test operations and cutting costs.
As organizations continue to look for ways to improve their cyber testing processes, the solutions from this development may prove to be a valuable asset for cybersecurity professionals and practitioners, government officials and employees, business executives and managers, researchers and academics, or investors and venture capitalists looking to invest in or fund technology companies.
Read next: Security risk assessment checklist (TechRepublic Premium)