FCW Workshop: Cloud Security
The COVID pandemic spurred agencies to move their data and applications to the cloud quicker than many had planned to make it more accessible for a remote workforce and to protect it from intensifying cyberattacks. More than a year into the new normal world of remote work, agencies are evaluating the best ways to secure the hybrid and multi clouds and their data troves to make sure it can meet the increased challenges.
In May 2020, the Biden Administration issued an Executive Order on Cybersecurity that mandated some of the upgrades agencies had been considering—zero trust architecture, data encryption, endpoint protection and multi-factor authentication, to name just some of the new requirements. The EO also looks for better passwords and an accelerated move to secure cloud services—such as Software as a Service, Infrastructure as a Service and Platform as a Service.
At this event, government and industry executives shared lessons learned from improving cloud security and offer pathways for faster compliance with the Executive Order.
Attendees left the event with an improved understanding of:
• what the EO requires and the deadlines that must be met
• the increased role of identity and access management in cloud security
• how the complexity of agency networks complicates securing them
• the role of automation in managing many network devices
• the challenges of funding shortages and options to consider
• shortage of skilled cyber workforce and how agencies are addressing it
Ramping Up for the Cyber EO and Cyber Workforce Rebuild
Guy Cavallo, OPM’s CIO, shared lessons learned from leveraging native cloud cybersecurity solutions and other steps to implement the Cyber Executive Order. He also addressed the shortage of cloud and cyber skills workers and suggestions on how to address it.
Guy Cavallo, Chief Information Officer, Office of Personnel Management
Adam Clater, Chief Architect, Red Hat