As you add cloud services, expand your applications, rely on multiple cloud providers, your agency will need a cyber strategy that addresses your expanding atta...
Given these trends, Shamla Naidoo, head of cloud strategy and innovation at Netskope, said the move to the cloud and new challenges to the federal attack surface require a new approach to cybersecurity.
“You add more technology, you add more points of presence, you add more users, you add more devices, more things to compromise, and therefore that attack surface is going to grow,” said Naidoo during the Federal News Network Cloud Exchange 2022.
When it comes to vulnerabilities and creating a cyber strategy to address them, it doesn’t matter whether an organization is in the cloud, she said. Security remains critical and requires a well thought-out strategy because “as you add more points of presence, more places to do business, more devices, more users, more capability, you can increase the attack surface,” Naidoo said. “However, the good news is, there’s a lot you can do about it, and it’s a whole lot easier than it used to be.”
That’s the chief security advantage of the cloud over legacy technology, she said. Moving to the cloud provides both security and operational benefits, but many agencies still rely on legacy IT. Naidoo said legacy technology poses cybersecurity challenges but also presents a business risk for agencies.
“Your legacy technology is going to limit how much capability you can actually bring to bear. It’s going to limit how much you can serve your customers, your consumers, your users,” she said. “If you don’t have modern technology that others can build on, that you can build and leverage other capabilities to bring rich experiences to your consumers, I think you’re losing a huge business advantage and opportunity.”
Looking ahead, Naidoo expects cloud adoption in government to continue to accelerate. But the expansion requires that agencies also make investments in cybersecurity and adopt zero trust architectures, she said.
“The cloud provides the foundation for our technology capability, but we have to be careful that that doesn’t get coupled with security neglect,” Naidoo said. “This new architecture really requires us to rethink what we had and what we need for the future.”
Naidoo advised that agencies should avoid vendor lock-in so that they can change software as a service providers and cloud hosting providers as needed. That way, agencies can take full advantage of the flexibility that the cloud offers, she said.
“All kinds of business capabilities must be allowed to change and be flexible, so that we can take the security that we need and just transport it to new workloads,” Naidoo said. “The security needs to be flexible, it needs to be simpler than it used to be. The end user needs to operate without that much friction.”
Check out all the sessions from the Federal News Network Cloud Exchange 2022.
Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.