Cloud Exchange 2023: Cisco’s Peter Romness on why multicloud cyber requires end-to-end visibility

In adapting to the new era of continued mass telework using cloud applications, agencies must give fresh thought to securing end user devices.

Peter Romness, cybersecurity principal for the CISO Advisor’s Office at Cisco Systems, put it this way: “We have users, we have all of these devices, and then we have all of our data — and all of our applications. They’re no longer in our nice little data center in our own little environment. They’re everywhere.”

The result? The attack surface is larger and more amorphous than in the network perimeter days. Although hackers have many ways in, evidence shows email phishing still tops the list of attack methods, Romness said during the Federal News Network Cloud Exchange 2023.

Implement multifactor security

His advice for chief information security officers begins with thinking in a zero trust way. Zero trust prompts the use of measures to ensure that a username and password actually belongs to the person associated with them. Romness said that he does see agencies increasingly adding multifactor authentication (MFA) to their access routines.

“The cool thing about multifactor authentication is that it can be implemented very quickly,” he said. Plus, smartphone code-generating apps have replaced single-purpose key fobs, making MFA easier for users too.

Work toward resiliency

Romness said that when something bad does happen, agencies need resilience to minimize the damage and get back to normal quickly. The challenge comes from the sheer number of applications, data sources and devices in the average federal organization.

“The ability to manage an appropriate cybersecurity posture has become one of the major struggles,” he said. “And for most people I talk to, even if you have the funding to buy all the tools and fund the people you need, oftentimes you can’t find the people.”

Agencies therefore turn to consolidating and automating their cybersecurity operations, Romness said.

What makes any cybersecurity measure difficult, he said, is a complicated, multicloud environment.

“You may have your data in the AWS cloud, or the Azure cloud, or the Google cloud, or the Oracle cloud, or you may have it all over the place and in multiples of those clouds,” Romness said. “They all have security tools inside of them. But they’re all different.”

The same holds true for applications and data.

Increase visibility into the infrastructure

Cisco is working on methodologies to “make it so that you can manage your security from one place, and it doesn’t matter which of those clouds you’re in. And it doesn’t matter if it’s from your private cloud that you’ve created,” he said.

The goal is to help CISOs with end-to-end security management, including devices.

“From user to device, to whether it’s web or email, and all the way to your applications, how can you see it all?” Romness said. “And that’s where we’ve started to put our efforts — into making you have one place that you can see everything.”

Whatever approach an organization takes to cyber,  remember “cybersecurity needs to be a team sport” and is not just the purview of the CISO, he said. “I get to go around the country talking to chief information security officers, and one of the main topics they have is, ‘How do I bring along my organization in this struggle?’ ”

Solid cybersecurity takes the right tools, training and organizational buy-in, Romness said.

“We have security tool sets, but also really key is bringing on upper management. I call it managing down and managing up.”

To read or watch other sessions on demand, go to our 2023 Cloud Exchange event page.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.