The COVID-19 pandemic has shifted the federal government’s workforce to cloud-based telework and agency leaders continue to address security concerns and access to sensitive information.
Even before COVID-19, cybersecurity risks associated with federal IT systems and their underlying data remained high after a variety of high-profile attacks, such as the 2016 breach at the Office of Personnel Management. And according to Dan Prieto, strategic executive at Google Cloud for public sector, “we need to continue to evolve both policies and practices to continue to drive down that risk.”
“[O]ur adversaries continue to be determined and they continue to be more aggressive. And their goals continue to expand: They seek to weaken democratic institutions; they seek to disrupt our critical infrastructures in health care and finance and government; and an emergency [within the public] service sector is something that we should be very wary of at this time of the COVID pandemic,” Prieto says in a new podcast underwritten by Google Cloud. “They continue to hack and leak, manipulate data and conduct for-profit, cyber-enabled theft, but at the same time, the threats continue to be serious.”
As organization continue to telework, there is an increase in the usage of virtual private networks (VPN). But Prieto thinks this is not the best approach, mainly because it considers the perimeter of the distributed workforce model to be the same as it is when personnel are in-office.
“The approach to providing the telework capability using virtual private networks suggests that there is still this approach to both access and security that is focused on a traditional paradigm of ‘What’s my security perimeter?’” he says.
Rather, Prieto and Google Cloud believe a zero-trust security model is the best option in a cloud-enabled environment.
Capitalizing on analytics and automation
On top of current challenges, agencies are more imbued with data than ever before, and they’re doing themselves a disservice if they’re not using it to their advantage for securing the enterprise, Prieto added.
“I think situational awareness is significantly challenged. Most large organizations including our government organizations have 150 or more cybersecurity tools implemented and that means they’re flooded with data,” Prieto says.
“And for the most part, they’re not able to store that data and analyze that data to improve their situational awareness,” he says. He points to New York City as an example of how utilizing the cloud for data storage and analytics has helped city officials dramatically improve their situational awareness.
”The challenges they face would resonate with any federal leader or state and local government leader: a fragmentation of tools, a fragmentation of identity solutions, lots of legacy applications; they weren’t getting full value out of lots of detection and monitoring on endpoints,” he says. “Traditionally, to the extent that historic data was used, it was just used retroactively, if an incident occurred, to try to do forensic analysis.” There was “no unified collection and analysis point; storage of long term cybersecurity log data was cost prohibitive and analysis was not agile,” he says.
With Google’s help, New York City built a cloud-based analytic platform over the last couple years, according to Prieto. “They went from only being able to store several months of data — to the cost of millions of dollars — to now being able to store and analyze multiple years of historical data and doing so much more cost effectively. We’ve seen more than a tenfold increase, and in some cases, analyze the cybersecurity environment to get better and to improve up to 100-fold increase into the volumes of data that they’re able to analyze.”
So I think there’s increased opportunities for automation. And the way to get there, I think, is through cloud compute capabilities and to increasingly use more and more data to cybersecurity.”
Hear that and more from Prieto on how agencies are rethinking security in the cloud during the pandemic.
Listen to the podcast for the full conversation on how agencies are using analytics and the cloud to improve their overall security posture. You can hear more coverage of “IT Security in Government” on our FedScoop radio channels on Apple Podcasts, Spotify, Google Play, Stitcher and TuneIn.
This podcast was produced by FedScoop and underwritten by Google Cloud.