Insight By Fortinet

Better and more efficient cybersecurity in a hybrid world

Moving the government’s mission-critical compute resources to commercial clouds is like commercial rocketry. It may be getting more common but it’s not getting any easier. For agencies, the cloud imperative and the cloud challenge continue to roll forward.

In particular, cybersecurity is a moving target when it comes to cloud deployments. If security on an agency’s own networks and in its data centers isn’t adequate, it’s unlikely top-notch security will occur in the cloud. Therefore, to have high assurance of successful cloud implementations, agencies must constantly re-evaluate their security foundations. Quickly emerging are strategies for standards and interoperable tools that work across environments, on premise and in clouds, to ultimately ensure secure access and protection of data regardless of where the user or the data resides.

Current State of Cloud Adoption and Security

This year has been about moving us toward a [software-as-a-service] direction. How can we deliver services much more quickly to our men and women out on the front lines, getting the data to them? That’s the way we’re going to be able to do that. That gets us to some of the same challenges we had in the on-premises: we need visibility into all of those clouds. My goal is to have a standard approach to security as we approach each different environment.

Containerization

I’m protecting three and a half million users, six million machines, terabytes upon terabytes of data coming in and out of the department every day. I’m pushing for open standards and communications across vendors so I can be tool agnostic. [The security requirement] could be hosted in one of my data centers, it could be a machine owned and operated by a local command, or it might be hosted within a cloud environment. So I really need a toolkit that will interoperate across a suite of systems.”

Identity Management

Today’s networks have become borderless. Access management and identity management becomes the supreme strategy. You need to protect the data wherever it is – in your own data center or in the cloud. So the strategies of micro segmentation, macro segmentation, done with great agility is the first and foremost security strategy we need to embrace. And by the way, do that without overwhelming people with complexity.

 

Listen to the full show:

Panel of experts

  • Greg Hall

    Assistant Director, Information System Security & Chief Information Security Officer, Executive Office for U.S. Attorneys, Department of Justice

  • Beau Houser

    Chief Information Security Officer, Small Business Administration

  • COL Brian Lyttle

    Program Executive Officer of Cyber Development Directorate, Defense Information Systems Agency

  • Paul Morris

    Chief Information Security Officer & Executive Director, Information Assurance and Cybersecurity, Transportation Security Administration

  • Philip Quade

    Chief Information Security Officer, Fortinet

  • Tom Temin

    Federal News Radio

Sign up for breaking news alerts