As law enforcement and national security agencies adopt cloud services, their sensitivity to cyber incidents makes executing cybersecurity basics and transforma...
Law enforcement and national security agencies are, to one extent or another, seeking to adopt digital technologies and use data analytics to advance their missions.
But those agencies are particularly sensitive to the potential for a cybersecurity incident or misconfiguration leading to operational risks and data exposure, like when a cybersecurity researcher tipped off the U.S. Special Operations Command about unclassified emails leaking from a command server.
“Every agency is really focused on operational security,” Ed Cabrera, chief cybersecurity officer at Trend Micro, said during the Federal News Network Cloud Exchange 2023. “Making sure that data is secure and ensuring the integrity of that data, from the cloud applications to the users, is paramount.”
Federal agencies have a well-trodden process for evaluating the security of cloud services under the Federal Risk and Authorization Management Program. And as part of the FedRAMP Authorization Act passed last year, agencies will be considering additional ways to improve upon and streamline the FedRAMP process in the months and years ahead.
Meanwhile, at the state level, a nonprofit organization in 2020 founded an analogous process, called StateRAMP, to help state and local governments adopt a standardized approach for cybersecurity standards in the cloud.
“We see it affecting all levels of government, state, local and federal, anywhere you can make gains to be able to provide and deliver services in a safe, secure manner,” Cabrera said.
Federal agencies are also moving to adopt zero trust cybersecurity architectures under a strategy released by the Biden administration in 2022. Key to that strategy is the secure adoption of cloud services.
David Abramowitz, chief technologist for federal at Trend Micro, reiterated that the strategy’s emphasis is not just on pushing data into the cloud but also on the evolving nature of security.
“We have to constantly be looking at what the risk is of the user, of the device and of the application that they’re using to access data,” he said. “And all three of those things are going to play into this creation of a zero trust policy. That’s going to be very important, especially when the services and the data are in the cloud because you’ve got just as much of a responsibility for securing that data as if it were in your own on-premise data center.”
That’s why organizations are increasingly looking to adopt a proactive approach to cybersecurity, Abramowitz said.
“A lot of the platforms that are out there now are mostly reactive: the house has burned down, let’s sort through the ashes, figure out what happened and try to prevent it the next time,” he said. “But now we need to shift left and use things like MITRE ATT&CK techniques and procedures, so we can look at what are the behaviors that we’re seeing early on in this potential campaign that might signal something bigger happening.”
And the Cybersecurity and Infrastructure Security Agency, along with other federal security organizations, has also increasingly championed information sharing in the cyber realm to ensure organizations let others in the community know when they see suspicious activity on their networks or experience potential cyber incidents.
Abramowitz argued that cybersecurity vendors also have to take on that same mentality.
“We need to sort of come to this realization that we’re not competing with each other necessarily. As security vendors in this space, we’re competing with the threat actors who are trying to come into our customers and agencies and steal their data,” he said. “We need to continue to find more ways to work together — share threat intelligence where it’s appropriate and possible — so that together, we can bolster our customer security posture rather than compete with each other and try to knock each other out.”
Copyright © 2024 Federal News Network. All rights reserved.
Chief Cybersecurity Officer, Trend Micro
Ed is responsible for analyzing emerging cyber threats to develop innovative and resilient enterprise risk management strategies for Fortune 500 clients and strategic partners. Before joining Trend Micro, he was a 20-year veteran and former CISO of the United States Secret Service with experience in leading information security, cyber investigative, and protective programs in support of the Secret Service integrated mission.
Ed started his career investigating transnational cybercriminal groups targeting the financial and retail sectors. He proudly served on the Presidential Protective Division for President George W. Bush before transitioning to lead cyber forensic operations in support of Secret Service large-scale data breach investigations. In his role as the Secret Service strategic advisor to the DHS National Cybersecurity & Communications Integration Center (NCCIC), Ed led an interagency effort to share real-time actionable threat intelligence with Information Sharing and Analysis Organizations (ISAO) and critical infrastructure partners.
Ed is a guest lecturer at New York University Polytechnic Institute, Computer Science and Engineering Department and was a contributing subject matter expert on law enforcement, cybersecurity strategy and policy, computer forensics, and network intrusion incident response for the 2014 Risk and Responsibility in a Hyperconnected World; 2012 Homeland Security Advisory Council Task Force on Cyber Skills Report; and 2012 Insider Threat Study: Illicit Cyber Activity Involving Fraud in the U.S. Financial Services Sector. He is a Certified Information Systems Security Professional (CISSP) and a Certified Information Systems Auditor (CISA).
Chief Technologist, Federal, Trend Micro
David has spent the last 22 years of his career in cybersecurity helping organizations to ensure the integrity, confidentiality and availability of information by preventing, detecting and responding to cyber attacks. Over this time, he has had multiple roles including technical lead and advisor, security practitioner, and manager of security operations including enablement and services. In his current role as Trend Micro’s Regional Technical Lead, his core responsibility as a cybersecurity evangelist for cloud and network security, virtualization, and endpoint protection strategies is to help protect the integrity of organizations’ security architecture against attacks, damage and unauthorized access. He received his bachelor’s degree in computer science from Brandeis University, and a master’s degree in computer science from George Washington University. When he is not playing drums/singing in a rock cover band called 45 RPM, he’s on the ice playing hockey in a local adult league. If you’re extra nice to him, he may tell you about the time his family auditioned for Family Feud.
Reporter, Federal News Network
A defense and cybersecurity reporter for Federal News Network. He previously covered the Pentagon for Inside Defense, where he reported on emerging technologies, cyber and supply chain security. Justin is a 2013 graduate of the University of New Hampshire, where he received his B.A. in English/Journalism.