In the defense landscape, and especially at the tactical edge, communications are critical to the success of the mission. But often, our nation’s warfighters are in denied and degraded environments with barriers to connectivity and communications. The solution to this challenge is decentralized comms, according to SpiderOak CEO Dave Pearah.
GovCon Wire sat down with Pearah to discuss the urgency behind a new approach to communications, SpiderOak’s partnership with Intelligent Waves, data encryption and more. Read below for Pearah’s full Executive Spotlight interview.
GovCon Wire: Tell me about the strategic partnership between Intelligent Waves and SpiderOak.
Dave Pearah: We want to provide resilient communications for the brave men and women who are serving in areas with really compromised and insecure communications. Now, let me illustrate those layers. We’re talking right now over a Zoom call, we’re both in areas with typically really good power on large-scale devices like computers and laptops, communicating over robust cellular and wifi networks. But a lot of where the mission takes place happens on what we call the tactical edge.
The tactical edge is a critical part of the overall mission, and one where you have restrictions on size, weight and power of devices, and even more so, you are working over intermittent, unreliable and untrusted networks. Yet, just like you and I are talking right now, we need to have communication to do what we need to do, even more so for the men and women serving at the front on the tactical edge.
In partnership, we’re delivering a complete solution that allows folks with a very simple interface to communicate resiliently over a network that Intelligent Waves is creating — a mesh network utilizing low-power comms, so not cellular phones, not wifi and not even satellite communication. We’re working in areas where comms are denied, disrupted and untrusted. So we’re setting up this ad hoc network, and we provide the application-level security running on top of it.
I think a useful analogy is using Signal for secure messaging on your phone. You have texting on your phone, why would you use Signal? Well, for all the reasons people want to use Signal — it’s that end-to-end security and knowing that it doesn’t matter if you have an Android and your friend has an iPhone, or you’re on T-Mobile and they’re on Verizon. Nothing can compromise the privacy of that data. We provide that magic built into other people’s solutions and that’s what we’re doing with CEO Tony Crescenzo and the folks at Intelligent Waves.
With the rise in cybersecurity attacks on government networks, Tony led IW to successfully launch several innovative and disruptive cybersecurity technologies that serve the U.S Department of Defense and Intelligence Community, featuring GRAYPATH (GP), which allows traffic to be obfuscated by transmitting traffic from one source over multiple paths. What we are bringing is that zero trust overlay of data-level and application-level security on top of this ad hoc network and multi-path traffic that hides the signal.
GCW: How does the new communication solution ensure secure and reliable DOD communications?
Pearah: We provide technology that’s built into other people’s hardware, applications or solutions. We are a small but important part of the overall stack. We provide the data-level and application-level security, and folks like Intelligent Waves and our other amazing partners provide the actual solution that gets developed and delivered to the mission folks. We provide a small piece of tech that sits inside of other people’s solutions.
End-to-end encryption of data works when the keys for encryption are only held by the people with the need to know. For example, I have an electronic lock on my house, but if we use the same key for every person in the house and never change the key ever, and then we share it with people who want to have temporary access to the house, how useful is that key? If you don’t keep keys unique to individuals, you don’t limit when those keys are useful and you don’t change them, ultimately you might as well just have your door wide open and don’t even bother with a key.
We want to make encryption easy for folks by allowing them to change the keys that they use for encryption. Now that’s an oversimplification of what we do, but at the end of the day, our software allows it so that devices and people can easily manage compartments for sharing information.
It’s like using a messaging platform for your company. You’re all in the same company, but you don’t all scream at each other all the time and share all information. You do things like, create different channels for leadership or individual projects. You create smaller groupings that grow and shrink and get created and destroyed over time. That is what we make possible for very small devices in areas with really untrusted comms.
All of our patents are around doing this in environments where you have such degraded comms and such small form factor devices that we basically do it without central server or central communication and coordination. The magic is allowing people to secure information in these kinds of environments where you can’t have central coordination and that magic gets embedded into other people’s hardware, software and solutions.
GCW: Why is decentralized communication so important for the DOD in today’s security landscape?
Pearah: We are all about protecting the data, not the network or the infrastructure, because we feel it is the most resilient way to do it in the face of degraded comms. The first point I’m going to make about decentralization is that each endpoint itself is going to secure its own data and not rely on anything else other than itself.
Just like your message will get to your friend on Signal, whether they’re connected to the internet or not, because you’ve taken the first step of encrypting the data and you’ve sent it out without any sort of central coordination. So that’s step one. The other thing that we noticed when we were serving the space industry is that one satellite is in contact with another satellite, which is then in contact with another satellite, but they’re not all in contact with each other all the time. So the question becomes: Where does security get coordinated? Each satellite is coming in and out of range and doesn’t always have contact with the ground.
The reason why we created that market is because all the solutions on the ground assume a server with lots of power and constant connectivity, and that just doesn’t work in this domain where you have limited size and limited connectivity. The only reasonable answer is that each endpoint has to be responsible for its own security, and it can’t rely on constant connectivity. The decentralized answer kind of just pops out as the only rational approach to doing it.
People will try to bring comms and data centers as close to the edge as possible, but there’s a last mile where you can’t just bring a data center in your backpack and the satellite is just out of reach. Those people just can’t be out of luck, they have to have a solution. Having a peer-to-peer, decentralized approach for security and the moving of data is the only reasonable answer for these kinds of austere environments. And that’s why we’ve really leaned into and embraced this decentralized approach.
GCW: What benefits does this partnership bring to the DOD and its operations?
Pearah: I see a lot of applicability for this. This is multiple use cases in multiple environments, and Intelligent Waves is the perfect partner because they understand and are trying to do something cutting edge and innovative as opposed to the same old network-level security. They have embraced zero trust, they have embraced data-level, not network-level security, and they’re doing it in this really unique place.
What I love about this partnership is we cut our teeth in space cyber, and this is a non-space environment. Not only is it on the ground, it’s designed for people serving in areas where space comms is either denied, unavailable or compromised. Yet our same technology born in space is solving this non-space environment challenge. I love the extension and expansion of the mandate and use case for us with an amazing partner that frankly has the customer intimacy and understanding of the mission. We’re a small company, and we’re just trying to provide our tech to folks that have intimacy and understanding of these mission sets.
Retired Lieutenant General Ken Tovo, who is a former commanding general of the U.S. Special Operations Command and is an advisory board member for SpiderOak, has expressed strong support for the partnership. Ken understands that in the absence of giving solutions that work in the field, people will use things unofficially. Especially for people serving the mission in these austere environments, all they want to do is go home safely and do the good work. If the government is not going to provide to them, they’re going to find another way of getting the job done.
What Ken really likes is the flexibility of an instant-on solution that doesn’t require a lot of pre coordination. A lot of traditional solutions are: ‘We’re going to set up a secure network and then you’re going to have comms.’ That sounds good, but sometimes these things happen in an instant and you need to respond agilely. Whatever is creating and consuming information in this tactical edge environment — whether it be a warfighter or a sensor — needs a flexible solution that just works instantly. What Ken’s always thinking about is the people, the safety of the people, as well as the effectiveness of the mission. We are responding to an emerging set of requirements where people don’t want a secure network, more space comms, a new data center or heavy infrastructure. They want something that works in a peer-to-peer mesh immediately and instantly in the field.