“Just about every federal agency uses cloud computing to some degree,” as Federal News Networks’ Tom Temin reports. “Some no longer have their own data centers.”
To better secure cloud computing, MITRE connected with the Advanced Technology Academic Research Center, the Information Technology Acquisition Advisory Council, and the Cloud Security Alliance to launch the Cloud Safe Task Force and recently issued its recommendations. During an interview with Temin, Mari Spina, senior principal cybersecurity engineer, MITRE, and Dave Powner, director for the Center of Data-Driven Policy, MITRE, discussed the recommendations.
“It’s not really rocket science,” said Spina. “The issue generally is with management. It’s quite a difficult thing to manage. We’re also in an asymmetric battlefield. The adversary goes against our systems every day, all day finding our vulnerabilities. And we show up with compliance checklists and a point-in-time monitoring. We need to level that battlefield.”
On next steps for the task force, Powner noted, “If you look at our paper and our recommendations, there’s a nice roadmap, but we want to get into more specifics so that when legislation is being put in place and when there is an update to the cloud smart policy, we want to have even more meat on the bones. We’re having conversations with the key policymakers. And then we’re going to follow up with more detailed sessions of the task force. The next session will be in April, and we welcome anyone who has anything to add to this discussion to come and join us.”