Agencies have ‘once in a generation’ cyber, IT modernization opportunity
Juliana Vida, the group vice president and chief strategy advisor for public sector at Splunk, said agencies can use the momentum created by the cybersecurity E...
This is a once in a generation opportunity. We have the pandemic as a burning platform for a lot of the modernization projects that agencies had on the shelf, but hadn't really gotten around to, but then they had people working from home and were delivering services remotely and needed to get those projects going.
Juliana Vida
Group Vice President and Chief Strategy Advisor, Splunk
Threats that Agencies Face
There are several different value propositions of cloud. Speed so you can move faster. Agility so you can change your configurations and move things around. There's also efficiencies to be found because agencies don't have to manage the infrastructure and pay for all the data center hosting.
Juliana Vida
Group Vice President and Chief Strategy Advisor, Splunk
Since May when President Joe Biden issued his cyber executive order, the Office of Management and Budget has been busy developing implementation memos.
There was the most recent memo on end point endpoint detection response in late October. Before that OMB released the draft Zero Trust strategy and is reviewing public comments on that strategy with a final draft expected out in the coming weeks.
OMB also issued memos around securing on-premise software as well as logging incidents.
And more memos and guidance are coming as the EO detailed 23 different required actions by agencies to address systemic cybersecurity problems.
Beyond the required actions, the EO also has changed the discussion about federal cybersecurity. The urgency brought on by a spate of attacks in early 2021 and the surge of funding from Congress to the Cybersecurity and Infrastructure Security Agency is generating a once in a generation opportunity to do more to get ahead of attackers, secure data and systems, and create a modern infrastructure that can change as the threats change.
Juliana Vida, the Group Vice President and Chief Strategy Advisor for Public Sector at Splunk, said agencies can use the momentum created by the EO, the funding from CISA and the technological advancements of the market to harden their cyber resolve.
“This is a once in a generation opportunity. We have the pandemic as kind of a burning platform for a lot of the modernization projects that agencies had on the shelf but didn’t get around to. Then they had people working from home who were delivering services remotely and needed to get those [modernization] projects going,” Vida said on the Innovation in Government show. “Now with the cyber executive order, and the memoranda, those are helpful policy guidelines that not only give specifics to the agencies but it gives them some deadlines that are pretty aggressive. It allows industry to respond in a way that is truly meaningful.”
Vida and other experts lauded the cyber EO and implementation memos for being prescriptive enough, but also taking into account that each agency is different enough and starting at an assortment of points to improve their cybersecurity.
“It’s a win for each of the agencies to show some creativity, to show some innovation, and let the people come up with a solution that works best. given the domain that they have knowledge on,” she said. “I really do think it’s a win-win as we’re already seeing organizations put their plans in place based on their maturity.”
No matter where agencies are starting, Vida said the OMB memo from August on incident logging is a good place to start and/or focus initial efforts on improving.
In that memo, OMB established a maturity model around event logging and required agencies to assess their current state against the model.
“What we’re finding is that agencies don’t always know where to start to with incident event logging. Well, when you start with the logs, that’s like the ground truth,” she said. “We talk in general terms about listening to your data, or go back and look at the logs and figure out where the cybersecurity event happened. But that takes a lot of deep inspection, and it takes a lot of time. Unless you have this robust data analytics platform to do it, it can just be another burden on the agency. If agencies want to use their workforce to manually go through logs, and try to meet these requirements of the EO, but still maintain a good cybersecurity posture, that’s a losing proposition.”
Instead, Vida said using a cyber and data analytics platform like Splunk can not only get you compliant with OMB’s memo, but, more importantly, identify patterns, vulnerabilities and relieve some of the burdens on the cyber workforce through the use of automation and orchestration.
Vida added running the data analytics on a cloud infrastructure raises the value of the platform.
“There are several different value propositions of cloud. Speed so you can just move faster. Agility so you can change your configurations and move things around. There are also efficiencies to be found because agencies don’t have to manage the infrastructure and pay for all the data center hosting,” she said. “All of that drives speed and it allows the speed of the data processing and for the workforce to be able to do higher-level work, then trying to reconfigure passwords.”
About Splunk, Inc.
Splunk Inc. (NASDAQ: SPLK) turns data into doing with the Data-to-Everything Platform. Splunk technology is designed to investigate, monitor, analyze and act on data at any scale. Learn more at splunk.com/publicsector.
Group Vice President and Chief Strategy Advisor, Splunk
Juliana Vida is the GVP, Chief Strategy Advisor - Public Sector at Splunk. She and her team of business and cybersecurity advisors provide guidance, direction and thought leadership around Splunk’s Data to Everything platform. She leverages her 30 years of experience as an accomplished military and technology leader to partner with and inspire public sector leaders, customers and internal teams to harness the power of data to drive valuable outcomes.
Prior to joining Splunk, Juliana was a Vice President in Gartner Executive Programs, advising and coaching federal government Chief Information Officers (CIO) and IT senior leaders. Before entering commercial industry as an executive leader, she served honorably for 24 years as a US Naval Officer at sea and on shore as both a combatant ship driver and helicopter pilot. Her final role in government was as the Navy’s Deputy CIO in the Pentagon where she lead policy and governance over technology investments and implementation.
A 1994 graduate of the US Naval Academy, Juliana is a Special Advisor to the Washington Cyber Roundtable, Board Director for AFCEA International, AFCEA Cyber Committee member, Board Advisory for CalPoly’s Master of Business Analytics program, and an elected member of the US Naval Academy Alumni Association’s Board of Trustees. She is an active member and mentor in Women in Technology and Women in Defense.
Jason Miller
Executive Editor, Federal News Network
Jason Miller has been executive editor of Federal News Network since 2008. Jason directs the news coverage on all federal issues. He has also produced several news series – among them on whistleblower retaliation at the SBA, the overall impact of President Obama’s first term, cross-agency priority goals, shared services and procurement reform.