Government Technology Insider
  • About
  • State & Local
  • Civilian
  • Defense & IC
SUBSCRIBE
No Result
View All Result
  • Acquisition
  • AI & Data
  • Cybersecurity
  • CX
  • Digital Transformation
  • Hybrid Work
    • Work Smarter
  • Public Safety
  • Resources
    • Beyond Modernization
    • Technology Trends Shaping the Future of Government
    • World of Work
    • Your Digital Transformation Path Starts Here
    • The Frontlines of Customer Experience
    • Innovative Solutions for Connecting Agencies
    • Be Ready For What’s Next
Government Technology Insider
  • Acquisition
  • AI & Data
  • Cybersecurity
  • CX
  • Digital Transformation
  • Hybrid Work
    • Work Smarter
  • Public Safety
  • Resources
    • Beyond Modernization
    • Technology Trends Shaping the Future of Government
    • World of Work
    • Your Digital Transformation Path Starts Here
    • The Frontlines of Customer Experience
    • Innovative Solutions for Connecting Agencies
    • Be Ready For What’s Next
No Result
View All Result
Government Technology Insider
No Result
View All Result
Home Digital Transformation

Moving to the Cloud? What’s Your Security Strategy?

by Jackie Davis
November 28, 2018
in Digital Transformation
Reading Time: 4 mins read
A A
cloud strategy
Share on FacebookShare on Twitter

Seven years ago when the Federal CIO’s office released the Cloud First policy, moving to the cloud seemed like a very complicated and expensive proposition. However, over the course of time and with numerous innovations and iterations of improved cloud solutions, being cloud smart is now a top priority for all government agencies and educational institutions.

As Lauren Burnell, who heads up US Public Sector Cloud Alliances at FireEye, explained in a recent webinar, the ubiquity of the cloud among federal agencies is a great opportunity to build more data-driven and mission-responsive agencies. “We all use cloud day in and day out in our personal lives and organizations are similarly looking to reap the benefits,” she shared during the conversation. But, as she readily acknowledged, just as the cloud is ubiquitous, so are the threats from hackers looking to exploit the vast amount of data government agencies and educational institutions are looking to move to the cloud.

FireEye webinar banner

What concerns Burnell is that with “fewer than a third of organizations [having] a documented cloud security strategy,” the likelihood of assets stored in the cloud being compromised is too high for most organizations’ risk appetite. So, as organizations plan their move to the cloud, or refine their strategy, they must develop a security strategy to protect cloud-based apps and assets.

By starting with a background on security threats to cloud-based apps and assets and sharing insights on recent threat trends, Burnell laid the foundations for an in-depth exploration of how government agencies and educational institutions can develop a comprehensive cloud security strategy and shared best practices for managing risk.

For Burnell, the foundation of a cloud security strategy is understanding the current threat. Based on FireEye threat intelligence and incident response engagements, Burnell shared that the greatest threat to an organization’s cloud is to its users, not infrastructure. “Many public cloud compromises occur without any cloud hacking at all – there is no direct compromise of the cloud infrastructure,” she said, highlighting that credential theft is attackers’ tool of choice. “The best first defense you can have for your cloud is strong email security,” she concluded.

But risks from email are just the tip of the iceberg when it comes to cloud threats. Burnell provided in-depth analysis of the risks that come with a hybrid cloud strategy, from cloud services hacking to shared security with cloud service providers. A common gap she sees in cloud security strategies stems from assuming that the cloud provider has all the necessary security controls in place to protect the assets the organization has put in the cloud. “A lack of understanding here is leading to a lot of challenges organizations are having with cloud security,” Burnell said as she walked through the shared responsibility model.

Despite what might seem like a gloomy outlook Burnell assured the participants that with a robust cybersecurity strategy and team threats can be managed and mitigated effectively. She urged agencies to take the first step by developing a clear understanding the risk environment and potential threats based on what assets they are moving to the cloud. Any agency that takes the time to map out a goal-oriented cyber plan, educate themselves on threat trends, and be proactive in monitoring can have an easy transition to the cloud. “The important thing is that your organization has clearly defined goals for your cloud efforts and that your cloud security strategy supports those end state objectives,” said Burnell.

To hear more from Burnell on cloud security and strategy, listen to the webinar here.

Tags: cloudCloud FirstCloud Security StrategyCloud SmartcyberCyberattackcybersecurityFireEyeLauren Burnell

RELATED POSTS

CISA and Congressional Leaders
Cybersecurity

CISA and Congressional Leaders Look to Combat Cyber Threats from Nation-State Actors

September 14, 2023
Zero Trust Ensures Secure Access from Anywhere for Federal Agencies
Civilian

Zero Trust Ensures Secure Access from Anywhere for Federal Agencies

September 11, 2023
Video: Strategies for Overcoming Cyber Threats with Technology and Threat Intelligence
Cybersecurity Strategies

Video: Strategies for Overcoming Cyber Threats with Technology and Threat Intelligence

August 31, 2023

TRENDING NOW

  • Advana

    Meet Advana: How the Department of Defense Solved its Data Interoperability Challenges

    12111 shares
    Share 4844 Tweet 3028
  • Zero Trust Implementation and Success are Just Steps Away for Federal Agencies

    81 shares
    Share 32 Tweet 20
  • The FAA Modernizes Data Management to Accelerate Access and Manage Costs

    46 shares
    Share 18 Tweet 12
  • DoD Leverages Cyber Threat Intelligence for National Security

    132 shares
    Share 53 Tweet 33

CONNECT WITH US

BECOME AN INSIDER

Get Government Technology Insider news and updates in your inbox.

Strategic Communications Group is a digital media company that helps business-to-business marketers drive customer demand through content marketing, content syndication, and lead identification.

Related Communities

Financial Technology Today
Future Healthcare Today
Modern Marketing Today
Retail Technology Insider
Today’s Modern Educator

Quick Links

  • Home
  • About
  • Contact Us

Become a Sponsor

Strategic Communications Group offers analytics, content marketing, and lead identification services. Interested?
Contact us!

© 2023 Strategic Communications Group, Inc.
Privacy Policy      |      Terms of Service

No Result
View All Result
  • Home
  • About Government Technology Insider
  • State & Local
  • Civilian
  • Defense & IC
  • Categories
    • Acquisition
    • AI & Data
    • Customer Experience
    • Cybersecurity
    • Digital Transformation
    • Hybrid Work
    • Public Safety
  • Contact Us