Government Technology Insider
  • About
  • State & Local
  • Civilian
  • Defense & IC
SUBSCRIBE
No Result
View All Result
  • Acquisition
  • AI & Data
  • Digital Transformation
  • Cybersecurity
  • Remote Work
  • Resources
    • C-Suite Directions for Agile Government
    • Civilian Agency
    • Innovative Solutions for Connecting Agencies
    • Modern Data Experience
    • Podcasts
    • State and Local
Government Technology Insider
  • Acquisition
  • AI & Data
  • Digital Transformation
  • Cybersecurity
  • Remote Work
  • Resources
    • C-Suite Directions for Agile Government
    • Civilian Agency
    • Innovative Solutions for Connecting Agencies
    • Modern Data Experience
    • Podcasts
    • State and Local
No Result
View All Result
Government Technology Insider
No Result
View All Result
Home Digital Transformation

Moving to the Cloud? What’s Your Security Strategy?

by Jackie Davis
November 28, 2018
in Digital Transformation
Reading Time: 4min read
A A
cloud strategy
Share on FacebookShare on Twitter

Seven years ago when the Federal CIO’s office released the Cloud First policy, moving to the cloud seemed like a very complicated and expensive proposition. However, over the course of time and with numerous innovations and iterations of improved cloud solutions, being cloud smart is now a top priority for all government agencies and educational institutions.

As Lauren Burnell, who heads up US Public Sector Cloud Alliances at FireEye, explained in a recent webinar, the ubiquity of the cloud among federal agencies is a great opportunity to build more data-driven and mission-responsive agencies. “We all use cloud day in and day out in our personal lives and organizations are similarly looking to reap the benefits,” she shared during the conversation. But, as she readily acknowledged, just as the cloud is ubiquitous, so are the threats from hackers looking to exploit the vast amount of data government agencies and educational institutions are looking to move to the cloud.

FireEye webinar banner

What concerns Burnell is that with “fewer than a third of organizations [having] a documented cloud security strategy,” the likelihood of assets stored in the cloud being compromised is too high for most organizations’ risk appetite. So, as organizations plan their move to the cloud, or refine their strategy, they must develop a security strategy to protect cloud-based apps and assets.

By starting with a background on security threats to cloud-based apps and assets and sharing insights on recent threat trends, Burnell laid the foundations for an in-depth exploration of how government agencies and educational institutions can develop a comprehensive cloud security strategy and shared best practices for managing risk.

For Burnell, the foundation of a cloud security strategy is understanding the current threat. Based on FireEye threat intelligence and incident response engagements, Burnell shared that the greatest threat to an organization’s cloud is to its users, not infrastructure. “Many public cloud compromises occur without any cloud hacking at all – there is no direct compromise of the cloud infrastructure,” she said, highlighting that credential theft is attackers’ tool of choice. “The best first defense you can have for your cloud is strong email security,” she concluded.

But risks from email are just the tip of the iceberg when it comes to cloud threats. Burnell provided in-depth analysis of the risks that come with a hybrid cloud strategy, from cloud services hacking to shared security with cloud service providers. A common gap she sees in cloud security strategies stems from assuming that the cloud provider has all the necessary security controls in place to protect the assets the organization has put in the cloud. “A lack of understanding here is leading to a lot of challenges organizations are having with cloud security,” Burnell said as she walked through the shared responsibility model.

Despite what might seem like a gloomy outlook Burnell assured the participants that with a robust cybersecurity strategy and team threats can be managed and mitigated effectively. She urged agencies to take the first step by developing a clear understanding the risk environment and potential threats based on what assets they are moving to the cloud. Any agency that takes the time to map out a goal-oriented cyber plan, educate themselves on threat trends, and be proactive in monitoring can have an easy transition to the cloud. “The important thing is that your organization has clearly defined goals for your cloud efforts and that your cloud security strategy supports those end state objectives,” said Burnell.

To hear more from Burnell on cloud security and strategy, listen to the webinar here.

Tags: cloudCloud FirstCloud Security StrategyCloud SmartcyberCyberattackcybersecurityFireEyeLauren Burnell

RELATED POSTS

five attributes
C-Suite Directions

Five Attributes to Look for in Your Agency’s Cloud Migration

April 13, 2021
Cyberattacks Against Critical Infrastructure: How Vulnerable is the United States?
Featured

Cyberattacks Against Critical Infrastructure: How Vulnerable is the United States?

April 5, 2021
A Multi-Cloud Environment
Defense & IC

Avoiding the Pitfalls of a Multi-Cloud Environment: Department of Defense Embraces Hyper-Converged Infrastructure

March 31, 2021

TRENDING NOW

  • Billy Biggs

    Support, Security, and Success: Insights from Billy Biggs, Area Vice President – US Public Sector Sales with BlackBerry

    0 shares
    Share 0 Tweet 0
  • Meet Advana: How the Department of Defense Solved its Data Interoperability Challenges

    0 shares
    Share 0 Tweet 0
  • Three Strategies for Optimizing and Securing Multi-Cloud Environment for Federal Agencies

    0 shares
    Share 0 Tweet 0
  • Federal Remote Worker Podcast Series – Part 1: Wireless Communications are Essential to Keeping Government Workers Connected During COVID-19

    0 shares
    Share 0 Tweet 0
  • Six Months on APT1 and Chinese Hacking Story Continues to Grow

    0 shares
    Share 0 Tweet 0

CONNECT WITH US

Advertisement Banner Advertisement Banner Advertisement Banner
Advertisement Banners Advertisement Banners Advertisement Banners
Advertisement Banner Advertisement Banner Advertisement Banner
Advertisement Banner Advertisement Banner Advertisement Banner

BECOME AN INSIDER

Get Government Technology Insider news and updates in your inbox.

Strategic Communications Group is a digital media company that helps business-to-business marketers drive customer demand through content marketing, content syndication, and lead identification.

Related Communities

Financial Technology Today
Future Healthcare Today
Modern Marketing Today
Retail Technology Insider
Today’s Modern Educator

Quick Links

  • Home
  • About
  • Contact Us

Become a Sponsor

Strategic Communications Group offers analytics, content marketing, and lead identification services. Interested?
Contact us!

© 2021 Strategic Communications Group, Inc.
Privacy Policy      |      Terms of Service

No Result
View All Result
  • Home
  • About
  • State & Local
  • Civilian
  • Defense & IC
  • Categories
    • Acquisition
    • AI & Data
    • Digital Transformation
    • Cybersecurity
    • Remote Work
  • Contact Us