As Government Cloud Adoption Reaches Inflection Point, Cyber Teams Must Prepare

September 27, 2018

Cloud adoption among government agencies is reaching an inflection point. As agencies are drawn by the cloud’s cost efficiencies and its ability to offer an improved citizen experience, deliver mission capabilities faster, support agile development, and scale applications up and down, much of the initial reticence about cloud models is dissipating.

FedRAMP has played a big part in accelerating cloud adoption. FedRAMP’s security controls dictate standards for cloud service providers (CSPs), and to date 114 CSPs are authorized and 68 are in process. Yet concerns about cloud security persist, and rightly so.

The Dichotomy of Cloud Security

The cloud shared responsibility model reminds us that CSPs are responsible only for the security of the cloud itself (compute, storage, database, infrastructure, etc.), while agencies themselves are responsible for everything that goes in the cloud (virtual machines, platforms, apps and data).

And that shared security model brings with it many challenges. First, most cloud security breaches occur due to a lack of visibility or mismanagement by government customers. Second, traditional network perimeter security methods that rely on chokepoints aren’t resilient and don’t work for cloud-native apps. Last, because of the ephemeral nature of cloud workloads and the increased speed of software delivery, manual security configuration no longer works.

The Cloud Brings New Vulnerabilities

There’s a pressing need to address these challenges. The cloud is changing the threat landscape. Thanks to next-gen antivirus tools, malware is no longer the dominant threat faced by organizations. According to the 2018 CrowdStrike Global Threat Report, 61% of breaches are a result of non-malware attacks, often a result of misconfigured clouds or unpatched systems.

Once an adversary gets a foothold in your environment, the security operations challenge grows more complicated. CrowdStrike has established that the average “breakout time” (the time it takes an intruder to move laterally to other machines in the network) is one hour and 58 minutes. This statistic shows how much time on average defenders have to detect the initial intrusion, investigate it and eject the attacker from the network before they bury themselves deeper and steal or destroy sensitive data, which can make remediation much more complex.

But what if you could detect an intruder in one minute, whether in a cloud or on-premises environment, analyze the problem within 10 minutes, and then make a decision so that within 60 minutes you can remediate and stop that adversary?

Forging a Roadmap for Cloud Security

Cloud security guidance such as the NIST Cloud Security Framework (CSF) offers a good roadmap for building out a cloud security program for public sector multi-cloud environments, but it’s also important to factor in endpoint protection that’s purpose-built for the cloud. Both approaches were discussed in a recent webinar from the government team at CrowdStrike, which is now available on demand. The webinar, “Supporting Government Missions: Transforming Cybersecurity with the Cloud,” explores the crucial security issues impacting today’s public sector organizations as they move more of their workloads to the cloud.

Experts also discuss the many benefits of a single platform that aligns with NIST’s CSF and encompasses endpoint security, security operations, and threat intelligence across the enterprise and the cloud, without impacting the user experience or mission assets.

Secure Federal Clouds with Year-End Dollars Before They Expire

With federal fiscal year-end fast approaching, learn more about how you can make smart procurement decisions and address the critical need to achieve secure and resilient endpoint security for cloud environments.

To learn more about any of these solutions or request a quote ahead of year-end, visit our FFYE resources page.