In the last few years, we’ve seen various federal governments warning up to the cloud. For instance, The United States and the United Kingdom have both instituted “cloud first” policies with regards to the adoption of cloud technologies. The Canadian federal government’s Information Technology Strategic Plan for 2016-2020 takes a more pragmatic approach by providing public sector chief information officers the option to utilize on-premises tech platforms and well as cloud services.
Despite advances in cybersecurity technologies concerns remain among government agencies about how secure the cloud is. However, there are numerous strategies that IT and cybersecurity leaders in the public sector can adopt in order to bolster their organization’s cloud security posture, according to Tony Lauro, senior enterprise security architect for cloud services provider, Akamai Technologies.
Lauro recently discussed the cyber threat landscape and cybersecurity strategies for government agencies with the Canadian Government Executive.
“A lot of agencies are spending a lot of money to move to the cloud,” he said. “…if an organization is using the Internet to run communications or business transactions, that organization can potentially be affected by cyber threats.”
In this podcast, Lauro talks about the pros and cons of employing a cloud provider and recommends several cybersecurity best practices for government agencies contemplating cloud moving their workloads to the cloud.
Here are three cloud security items government CIOs should keep in mind:
Web traffic – Akamai, which provides content delivery services for media and software delivery, as well as cloud security solutions, recommends that federal and local agencies should be vigilant in properly identifying Web traffic within their IT environment to protect their organization’s cyber asset from dangers distributed denial of services (DDoS) and ransomware attacks.
The growing numbers of the Internet of Things devices that are connecting to government Web sites make it increasingly harder for provincial and federal government agencies to monitor Web traffic.
IT departments need to have a method to identify what their agency’s baseline user activity looks like. With this data, they can create security controls good data and be able to keep out potentially harmful Web traffic.
Know the common threats – Agencies need to gather intelligence on common threats and hackers targeting the public sector, according to Lauro. Malicious search engines and botnet which aim to break into critical government infrastructures abound and it is difficult to keep track of all the new threat, he said. However, cloud vendors such as Akamai can provide government agencies with software that help them monitor malicious Internet Protocol addresses and the latest cyber attacks.
Threats from within – IT and cybersecurity administrators should also be wary of potential insider threats. Legitimate system users may be intentionally leaking documents or inadvertently be letting attackers in by opening seemingly innocuous emails and attachments that could contain malware.
Lauro said the most basic method of preventing this is through the use of recursive DNS solutions. These tools automatically inspect outbound Internet request from an agency. The solution will block suspicious activities such as those requesting for malicious software.
Akamai has a system that flags the activity before a browser can download the malware. The software will also notify the administrator of a potential cyber attack in progress, and automatically block the attack. This is then coupled with the intelligence that Akamai gathers about common web threats to efficiently root out cyber attacks before they even occur.