Insight by Trend Micro

Cloud Exchange 2023: Trend Micro’s David Abramowitz, Ed Cabrera on operational security for cloud adoption

As law enforcement and national security agencies adopt cloud services, their sensitivity to cyber incidents makes executing cybersecurity basics and...

Law enforcement and national security agencies are, to one extent or another, seeking to adopt digital technologies and use data analytics to advance their missions.

But those agencies are particularly sensitive to the potential for a cybersecurity incident or misconfiguration leading to operational risks and data exposure, like when a cybersecurity researcher tipped off the U.S. Special Operations Command about unclassified emails leaking from a command server.

“Every agency is really focused on operational security,” Ed Cabrera, chief cybersecurity officer at Trend Micro, said during the Federal News Network Cloud Exchange 2023. “Making sure that data is secure and ensuring the integrity of that data, from the cloud applications to the users, is paramount.”

FedRAMP and StateRAMP act as cloud starting points

Federal agencies have a well-trodden process for evaluating the security of cloud services under the Federal Risk and Authorization Management Program. And as part of the FedRAMP Authorization Act passed last year, agencies will be considering additional ways to improve upon and streamline the FedRAMP process in the months and years ahead.

Meanwhile, at the state level, a nonprofit organization in 2020 founded an analogous process, called StateRAMP, to help state and local governments adopt a standardized approach for cybersecurity standards in the cloud.

“We see it affecting all levels of government, state, local and federal, anywhere you can make gains to be able to provide and deliver services in a safe, secure manner,” Cabrera said.

Federal agencies are also moving to adopt zero trust cybersecurity architectures under a strategy released by the Biden administration in 2022. Key to that strategy is the secure adoption of cloud services.

 Zero trust strategies are works in motion

David Abramowitz, chief technologist for federal at Trend Micro, reiterated that the strategy’s emphasis is not just about pushing data into the cloud but also on the evolving nature of security.

“We have to constantly be looking at what the risk is of the user, of the device and of the application that they’re using to access data,” he said. “And all three of those things are going to play into this creation of a zero trust policy. That’s going to be very important, especially when the services and the data are in the cloud because you’ve got just as much of a responsibility for securing that data as if it were in your own on-premise data center.”

That’s why organizations are increasingly looking to adopt a proactive approach to cybersecurity, Abramowitz said.

“A lot of the platforms that are out there now are mostly reactive: the house has burned down, let’s sort through the ashes, figure out what happened and try to prevent it the next time,” he said. “But now we need to shift left and use things like Mitre ATT&CK techniques and procedures, so we can look at what are the behaviors that we’re seeing early on in this potential campaign that might signal something bigger happening.”

Cyber information sharing adds to proactive capabilities

And the Cybersecurity and Infrastructure Security Agency, along with other federal security organizations, have also increasingly championed information sharing in the cyber realm to ensure organizations let others in the community know when they see suspicious activity on their networks or experience potential cyber incidents.

Abramowitz argued that cybersecurity vendors also have to take on that same mentality.

“We need to sort of come to this realization that we’re not competing with each other necessarily. As security vendors in this space, we’re competing with the threat actors who are trying to come into our customers and agencies and steal their data,” he said. “We need to continue to find more ways to work together — share threat intelligence where it’s appropriate and possible — so that together, we can bolster our customer security posture rather than compete with each other and try to knock each other out.”

To read or watch other sessions on demand, go to our 2023 Cloud Exchange event page.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

Related Stories