Government Technology Insider
  • About
  • State & Local
  • Civilian
  • Defense & IC
SUBSCRIBE
No Result
View All Result
  • Acquisition
  • AI & Data
  • Cybersecurity
  • CX
  • Digital Transformation
  • Hybrid Work
    • Work Smarter
  • Public Safety
  • Resources
    • Beyond Modernization
    • Technology Trends Shaping the Future of Government
    • World of Work
    • Your Digital Transformation Path Starts Here
    • The Frontlines of Customer Experience
    • Innovative Solutions for Connecting Agencies
    • Be Ready For What’s Next
Government Technology Insider
  • Acquisition
  • AI & Data
  • Cybersecurity
  • CX
  • Digital Transformation
  • Hybrid Work
    • Work Smarter
  • Public Safety
  • Resources
    • Beyond Modernization
    • Technology Trends Shaping the Future of Government
    • World of Work
    • Your Digital Transformation Path Starts Here
    • The Frontlines of Customer Experience
    • Innovative Solutions for Connecting Agencies
    • Be Ready For What’s Next
No Result
View All Result
Government Technology Insider
No Result
View All Result
Home Civilian

Supply Chain Attacks: What Does It Mean for Federal Agencies Migrating to the Cloud?

by Grace Lin
November 10, 2021
in Civilian, Cybersecurity
Reading Time: 4 mins read
A A
supply chain attacks

Share on FacebookShare on Twitter

Supply chain attacks have become a serious cybersecurity concern for the federal government in the past year. The massive SolarWinds attack showed that sensitive federal data could be infiltrated through third parties in federal data networks. Recently, Microsoft issued a warning that Nobelium, the Russian group responsible for the SolarWinds attack, “has been attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain.” The federal government’s expanding network of suppliers and service providers with access to federal data means that officials must make it a priority to reduce the risk of attacks. An Executive Order issued in May has placed increased responsibility on federal agencies to do their part to mitigate these risks.

With a huge push for data interoperability in the federal government, federal agencies have migrated their data from legacy systems to cloud service offerings to improve connectivity, efficiency, and quality of service. Yet this has created an expansive IT and data supply chain with multiple tiers, and requirements become more difficult to track each step down in the supply chain. This means that data interoperability may also increase the risk of a data breach.

To lead the way, the Department of Justice recently launched its Civil Cyber-Fraud Initiative, a program that holds government contractors to a higher degree of accountability. The Cybersecurity and Infrastructure Security Agency (CISA) recognized in its Emergency Directive response to the SolarWinds attack that authorized vendors providing services for federal information systems may be working with other third parties that may not be covered by the mandatory Federal Risk and Authorization Management Program (FedRAMP) authorization.

The increased scrutiny of contractors brought by these initiatives places the onus of monitoring, reporting, and conducting full audits on federal agencies. According to CISA’s Emergency Directive, federal agencies are responsible for engaging with all service providers to audit and inventory their information systems. Per the Civil Cyber-Fraud Initiative, contractors that provide products that fail to meet cybersecurity standards and protocols will face penalties. Agencies engaged with these contractors will need to find new vendors, seek out alternate data solutions, and potentially rework existing migrations.

The FedRAMP program was created to establish consistency and confidence in cloud solutions by providing a standardized approach to monitoring Cloud Service Providers. Fully integrated solutions in the FedRAMP marketplace can help agencies find relief from closely monitoring a complicated network of multiple cloud service providers. Andrew Churchill, VP of Federal Sales at Qlik, praised the efficiency of cybersecurity that is managed on an end-to-end level with security and governance designed into a single platform: “With standardized security controls mapped to different levels of need and computing resources provisioned in the blink of an eye, a federal organization could—in theory—field new mission-critical capabilities practically overnight.”

Mass data migration to the cloud means more parties will have access to federal data. With the threats of supply chain attacks on the rise again, federal agencies need to take calculated steps to ensure that they don’t become a headline. Seeking out fully integrated data solutions means working with contractors that have a streamlined approach to cybersecurity, reducing the risk of supply chain attacks while alleviating agencies of complicated audits.

To learn more about comprehensive cloud analytics platforms, download the datasheet “Cloud Analytics for the U.S. Public Sector.”

Tags: CISACivil Cyber-Fraud InitiativecybersecurityFedRAMPNobeliumQlikSupply Chain Attacks

RELATED POSTS

CISA and Congressional Leaders
Cybersecurity

CISA and Congressional Leaders Look to Combat Cyber Threats from Nation-State Actors

September 14, 2023
Zero Trust Ensures Secure Access from Anywhere for Federal Agencies
Civilian

Zero Trust Ensures Secure Access from Anywhere for Federal Agencies

September 11, 2023
Video: Strategies for Overcoming Cyber Threats with Technology and Threat Intelligence
Cybersecurity Strategies

Video: Strategies for Overcoming Cyber Threats with Technology and Threat Intelligence

August 31, 2023

TRENDING NOW

  • A True Zero Trust Approach Requires Federal Agencies to Move Beyond Compliance

    A True Zero Trust Approach Requires Federal Agencies to Move Beyond Compliance

    374 shares
    Share 150 Tweet 94
  • Meet Advana: How the Department of Defense Solved its Data Interoperability Challenges

    12049 shares
    Share 4820 Tweet 3012
  • DoD Leverages Cyber Threat Intelligence for National Security

    130 shares
    Share 52 Tweet 33
  • Making Identity Verification Equitable for All

    22 shares
    Share 9 Tweet 6
  • AI Implications – Power Requirements Going Nuclear on Local Grids

    30 shares
    Share 12 Tweet 8

CONNECT WITH US

BECOME AN INSIDER

Get Government Technology Insider news and updates in your inbox.

Strategic Communications Group is a digital media company that helps business-to-business marketers drive customer demand through content marketing, content syndication, and lead identification.

Related Communities

Financial Technology Today
Future Healthcare Today
Modern Marketing Today
Retail Technology Insider
Today’s Modern Educator

Quick Links

  • Home
  • About
  • Contact Us

Become a Sponsor

Strategic Communications Group offers analytics, content marketing, and lead identification services. Interested?
Contact us!

© 2023 Strategic Communications Group, Inc.
Privacy Policy      |      Terms of Service

No Result
View All Result
  • Home
  • About Government Technology Insider
  • State & Local
  • Civilian
  • Defense & IC
  • Categories
    • Acquisition
    • AI & Data
    • Customer Experience
    • Cybersecurity
    • Digital Transformation
    • Hybrid Work
    • Public Safety
  • Contact Us