CISA CTO Highlights Importance of Visibility in Cloud Transition
Cybersecurity officials have emphasized the importance of visibility in ensuring a streamlined and secure transition to the cloud.
Brian Gattoni, chief technology officer at the Cybersecurity and Infrastructure Security Agency, said "visibility is where security is going to start. If you can't see it, you can't protect it," GovernmentCIO reported.
Gattoni pointed to how CISA relies on its Continuous Diagnostics and Mitigation tool to perform telemetry and ensure visibility.
According to him, CDM leverages orchestration, automation and automated response capabilities to explore who and what has access to CISA's networks.
"Then we extend that capability to the cloud to ask the same questions, then possibly start sharing playbooks the types of analysis or analytics to quickly respond to the same threat even if it's coming through different vectors," Gattoni said.
He added that he expects telemetry tools like CDM to help bring standardization to other federal departments.
Gattoni also explained the advantages and limitations of using emerging technologies such as artificial intelligence, machine learning and automation for finding vulnerabilities and threats, saying such tools are useful but must not be relied on as catch-all measures.
The coronavirus pandemic, Gattoni added, has given federal agencies more reasons to urgently shift their operations to the cloud. He said a robust identity and credential access management system must be implemented early in the transition.
“If you can get that correct in your shift from your legacy environment to your cloud environment, you will get benefits down the road. If you can get that in play, you'll be in a much better position. If you don't, you're going to add heaps to challenges to your security professionals,” Gattoni said.
Category: Popular Voices
Tags: artificial intelligence automation Brett Goldstein Brian Gattoni CDM cloud cloud migration Continuous Diagnostics and Mitigation credential access Cybersecurity and Infrastructure Security Agency Government CIO Media IT Modernization machine learning Popular Voices