Episode 81

From Special Ops to Cybersecurity: A Veteran's Journey in National Security

00:00:00
/
00:50:43

February 14th, 2024

50 mins 43 secs

Your Host

About this Episode

Sebastian Taphanel has spent his life on the cutting edge of technology and innovation. This week on Tech Transforms, Sebastian is sharing tales and lessons learned from his 20 years in DoD Special Ops and intelligence and 20 years implementing sound security engineering practices focused on implementing zero trust and highly resilient environments. Join Sebastian as he recounts his time in Special Forces taking his units out of the dark ages from secure fax communications to setting up an intranet, and how he continued with that innovative spirit through his 40-year career. He also shares his new passion, encouraging the industry to utilize disabled veterans to help fill both the cybersecurity and AI workforce gaps. They, after all, already have a call for the mission.

Key Topics

  • 03:38 ODNI CIO responded quickly with Microsoft Azure.
  • 07:03 Protecting data via application container, expanding capabilities.
  • 11:01 Zero Trust redrawn cybersecurity model, data-centric approach.
  • 13:57 Developing zero trust plan for downstream organizations.
  • 18:50 Ensuring security while sharing information and protecting IP.
  • 21:35 APIs, containers enable fluid, flexible data access.
  • 24:20 Data protection systems allow secure sharing and storage.
  • 27:02 Addressing cybersecurity workforce gap and AI need.
  • 29:39 In 1998, new commander requests secure WAN.
  • 33:49 Applied for certified protection professional, highest security certification.
  • 36:28 Passionate about supporting disabled vets in cybersecurity.
  • 39:55 Mentoring government employees for cybersecurity and AI/ML.
  • 45:32 Using advanced generative AI solutions for copywriting.
  • 47:19 Update cybersecurity tools and systems for new threats.
  • 49:50 Respect for those dedicated to automation.

Enhancing Secure Communication and Cloud Environments in Special Ops

Special Ops Agility: Adapting to Remote Collaboration with Secure Cloud-Based Workspaces

Sebastian Taphanel’s experience spans twenty years in DOD Special Ops and Intelligence, followed by consulting in security engineering. The focal point of this episode is his role in advancing cybersecurity practices at the ODNI. Particularly emphasizing resilient cloud-based environments.

Sebastian describes the quick adaptation during the pandemic which led to the rollout of an ad hoc cloud-based workspace to ensure the ODNI's mission could endure despite the workforce being remote. GCC High, or Government Commercial Cloud High as conceived by Microsoft, is revealed as the successor to the initial setup. Providing a more secure platform managed strictly by U.S. persons. The approach highlighted the agility of cloud technology for remote collaboration within federal agencies.

Cybersecurity in Intelligence Sharing: "Essentially, reciprocity is a process and also a culture of accepting each other's risks. And that's really the bottom line on all that." — Sebastian Taphanel

Unfolding the GCC High Environment

The intricacies of implementing Microsoft Azure and M365 (Office 365) are detailed as Sebastian underlines their pivotal use in creating an intranet with controlled document sharing and editing. These implementations include robust Mobile Device Management. Then a BYOD Mobile Application Management system that protects sensitive data in government and personal devices. Thereby, ensuring operational security and flexibility.

Special Ops Communication Evolution

Sebastian advanced from using secure faxes for interstate communication within military units to establishing a multi-state secure WAN. This resulted in a significant leap in communication efficacy for special operations. Sebastian shared the potency of secure, cloud-based tools in streamlining and securing government communications. As well as their inherent adaptability to contemporary operational needs.

Zero Trust Implementation and Reciprocity in Security Controls: "Reciprocity, in some circles, it's a dirty word. Because everybody wants to do it, but nobody really wants to be first." — Sebastian Taphanel

The Shift to Cybersecurity Training and AI

Special Ops to Cyber Ops: Training Disabled Veterans to Bridge the Cybersecurity Workforce Gap

Sebastian recognizes the increasing importance of cybersecurity expertise in today's digital landscape. He points out the significant gap in the cybersecurity workforce and the untapped potential of disabled veterans who can be trained to meet this demand. This shift towards prioritizing cybersecurity skills reflects the industry's evolution as organizations increasingly rely on digital infrastructure. Thus, creating a fertile ground for cyber threats. By focusing on equipping disabled veterans, who already possess a strong sense of duty and protection, with the necessary technical skills to combat these threats, Sebastian believes that we can build a robust cybersecurity force that benefits not just the veterans but the nation's overall security posture as well.

Training Disabled Veterans for Cybersecurity and AI

Building upon his own transition from a military career to cybersecurity, Sebastian is passionate about creating opportunities for disabled veterans in the field. His experience has shown him that these individuals, with their ingrained ethos of national service, can continue their mission through careers in cybersecurity and artificial intelligence. Sebastian advocates for collaborations with major tech companies and training providers to establish programs specifically tailored for veterans. These developmental opportunities can help translate military competencies into civilian technology roles. As AI continues to influence various industry sectors, including cybersecurity, the need for skilled professionals who can leverage AI effectively is critical. By providing appropriate training and mentorship, Sebastian sees disabled veterans playing an integral role in shaping the future of cybersecurity and AI.

Special Ops Veteran Illuminates Zero Trust as a Data-Centric Security Model and the Strategic Role of AI in Cybersecurity

Zero Trust as a Data-Centric Security Model

In the evolving landscape of cybersecurity, Sebastian brings to light the concept of zero trust. A framework pivoting away from traditional perimeter security to a data-centric model. He highlights zero trust as a foundational approach, which is shaping the way organizations safeguard their data by assuming no implicit trust, and by verifying every access request as if it originates from an untrusted network. Unlike the historical castle-and-moat defense strategy which relied heavily on securing the perimeters of a network, this paradigm shift focuses on securing the data itself, regardless of its location. Zero trust operates on the fundamental belief that trust is a vulnerability. Thereby, anchoring on the principle that both internal and external threats exist on the network at all times. It necessitates continuous validation of the security posture and privileges for each user and device attempting to access resources on a network.

Zero Trust as a Data-Centric Security Model: Zero trust now has essentially redrawn the lines for cybersecurity professionals and IT professionals. And I will say it’s an absolutely data-centric model. Whereas in previous decades, we looked at network centric security models. — Sebastian Taphanel

Implementing Zero Trust in Special Ops

Zero trust extends beyond theoretical formulations, requiring hands-on execution and strategic coherence. As Sebastian explains, the principle of reciprocity plays a vital role in the context of security authorizations among different agencies. It suggests that the security controls and standards established by one agency should be acknowledged and accepted by another. Thus, avoiding redundant security assessments and facilitating smoother inter-agency cooperation. However, applying such principles in practice has been sporadic across organizations, often hindered by a reluctance to accept shared risks. Driving home the notion that strategic plans must be actionable, Sebastian underscores the critical need to dovetail high-level strategies with ground-level tactical measures. Ensuring these security frameworks are not merely aspirational documents but translate into concrete protective actions.

Special Ops in Cybersecurity: Harnessing AI and ML for Enhanced Defense Capabilities

Amidst rapid technological advances, artificial intelligence (AI) and machine learning (ML) are being called upon to bolster cybersecurity operations. Sebastian champions the idea that AI and ML technologies are indispensable tools for cyber professionals who are inundated with massive volumes of data. By synthesizing information and automating responses to security incidents, these technologies augment the human workforce and fill critical gaps in capabilities. The agility of these tools enables a swift and accurate response to emerging threats and anomalies. Allowing organizations to pivot and adapt to the dynamic cyber landscape. For cybersecurity operators, the incorporation of AI and ML translates to strengthened defenses, enriched sense-making capabilities, and enhanced decision making processes. In a field marked by a scarcity of skilled professionals and a deluge of sophisticated cyber threats, the deployment of intelligent systems is no longer a luxury, it is imperative for the preservation of cybersecurity infrastructures.

Looking Ahead: Collaboration, Reciprocity and AI/ML Workforce

AI/ML as a Cybersecurity Force Multiplier

Sebastian highlights the untapped potential of artificial intelligence and machine learning (AI/ML) as critical tools that can amplify the capabilities within the cybersecurity realm. As Sebastian provides his insights on the importance of AI/ML, it becomes clear that these technologies will serve as force multipliers, aiding overwhelmed cybersecurity professionals dealing with vast arrays of data. The envisaged role of AI/ML is to streamline sense making processes and facilitate prompt, accurate cyber response actions to threats and vulnerabilities. Sebastian portrays a future where strategic use of AI/ML enables swift and informed decision-making, freeing cybersecurity operatives to focus on critical tasks that require their expertise.

AI/ML as a Cybersecurity Force Multiplier:I believe what’s going to be needed is the understanding, a training and culture that accepts AI/ML as an enabler. — Sebastian Taphanel

Empowering Special Ops Veterans for the Future Cybersecurity and AI/ML Workforce

Sebastian asserts the urgency to prepare and equip individuals for the cybersecurity and AI/ML workforce. He envisions an actionable plan to invigorate the employment landscape, creating a resilient front in the fight against cyber threats. Sebastian calls for a strategic focus on training and knowledge dissemination, particularly for disabled veterans, to incorporate them into positions where they can continue serving the nation's interests in the digital domain. Recognizing the fast evolving nature of these fields, he stresses the need for a workforce that not only understands current technologies but can also adapt to emerging trends. Ensuring that collective efforts in data protection and cybersecurity are robust and responsive to an ever-changing threat landscape.

About Our Guest

Sebastian Taphanel blends a more than 20-year DoD Special Ops and intelligence career with more than 20 years of sound security engineering practices focused on implementing Zero Trust and highly resilient environments through the use of innovative technologies and common sense business practices.