Today’s guest is John Wood, CEO of the Telos Corporation. Survey after survey shows the number one concern in moving to the cloud is security. If that is the main concern of your agency, then you should listen to this interview.
Telos Corporation has been in business over thirty years and its decades of experience have given it understanding in information technology security, and now, secure transitions to the cloud.
During the interview Wood talks about working with organizations like NIST as a basis for a framework for a secure environment. Many readers know that the NIST framework now includes 1100 controls. It has gotten to the point where manually keeping track of each control is next to impossible.
Wood suggests that automation is the key to applying these controls in a federal environment. Network operations like patching can be done quickly and efficiently through systems that can function without human intervention. In the case of continuous monitoring, there is no choice but to automate.
The human part comes with knowing what to look for, keeping up to date, and having a deep understanding of risk management. One practical way to get that blend is with flexible teams working in under the guidelines of what is call DevOps. In the case of security, the current phrase is DevSecOps.
If you are considering working with Amazon Web Services to accomplish your agency goals, then you should become familiar with the tremendous success Telos has had with many of the technical aspects of merging into the Amazon cloud.