When it comes to cyber breaches, experts find it’s usually an inside job. That’s not to say employees are the main culprits, but rather the bad actors get past the initial cyber defenses and then take advantage of being inside the network.
Jim Helou, worldwide lead for the U.S. public sector marketplace at AWS, said that’s why agencies and other organizations now spend more money on tools and capabilities to protect the right data and their most important systems.
“There are agencies that are trying to build better defenses. There are also tools that are being deployed to help remediate things that have happened,” Helou said during Federal News Network’s Cyber Leaders Exchange 2023. “Probably 80% of it is on the goal to build better defense and about the 20% to recover what unfortunately went wrong.”
The ever-growing challenges of cybersecurity as well as mandates to move to a zero trust architecture drive so many of the government buying actions, he said. On AWS Marketplace alone, about 50% of all sales fall into the security category.
“There is clearly a lot going on there in public sector. For customers — cities, counties, federal agencies big and small — it’s top of mind, and it’s top of mind for a reason, especially from a protection standpoint. Unfortunately, there’s a lot happening from a correction standpoint of where breaches have happened,” he said.
“When you distill down in that 50%, you’ll see a lot of categories that do snap together into zero trust, and a lot of these vendors are working together to build bundled offerings because they know each of them has a piece of the puzzle that the government is looking to solve. We help them to bring that together to simplify the procurement side of it.”
Compressing procurement time
When agencies or companies must respond to a potential breach, time becomes a critical factor. That applies to buying the necessary tools to clean up and further protect systems and data from future attacks, Helou said.
“What we’re trying to do is work with industry and partners to say, ‘Let’s make sure that government procurement can check the boxes to ensure they’re getting the best prices,” he said. “Let’s make sure that the terms of service that they need are in place, and we can compress that.’ ”
It’s one of the reasons that AWS partners with Carahsoft. The partnership provides access to cyber vendors on the GSA Schedule. “What we then do is we compress that procurement time. Actually CrowdStrike is an example where the president of CrowdStrike talks about how they’ve seen procurement in public sector compressed by up to 45%,” Helou said. “So if you take that traditional procurement, you squeeze it down by 45% that means we’re getting protection in the hands of people a whole lot faster. That’s part of the big value add that Marketplace brings to the equation: helping government get that in there faster.”
Making wide array of tools available
The biggest challenge agencies continue to face is understanding what tools and capabilities exist in the cyber market. Helou said agencies also must fully grasp the role their employees play and the responsibilities companies have in securing federal data and systems.
“If I focus on where does Marketplace add value and how can we help, it’s ensuring that procurement knows that we can compress the time we can get the tools there, while still allowing them to maintain all of the structure and rigor that they’re held accountable for,” he said. “If we can help compress that procurement time to 50%, that means that those procurement officials can procure more things faster, so that we’re helping them to be more effective. We’re getting these really critical tools in the hands of the folks that need it either on the offensive or defensive side faster.”