Inside Cybersecurity: MITRE-led task force proposes plan for cloud service providers to share security data with government

As covered by Inside Cybersecurity, "The federal government can boost critical infrastructure cybersecurity by launching a pilot program with cloud service providers (CSPs) to establish a centralized feed of security data, according to a task force led by MITRE and the Cloud Security Alliance."

The Cloud Security Task Force published its latest recommendations

MITRE cyber engineer Mari Spina and David Powner, executive director of MITRE’s Center for Data Driven-Policy, spoke with Inside Cybersecurity about the task force recommendations.

The idea of creating a unified cyber feed arose in an April task force meeting, according to Spina, who outlined how the group’s approach to cloud security issues “evolved” to address how to provide the government with additional visibility from CSPs.

Spina said, “Eighty to ninety percent of adversary behavior has moved to the cloud, but it’s not necessarily seen by cloud consumers. It’s typically seen by the cloud service provider first before it hits the consumer environments, so the data is sort of stuck behind a vendor wall, and the government doesn’t get to see it.”

CSPs “volunteered their cyber dashboards” at the task force meeting to address a lack of federal visibility into cloud security, Spina explained. A second meeting was held in July to refine the details of the proposal.

There are strong benefits for CSP participation under the proposed model, Powner said. He explained, “If they’re all providing their real-time dashboards, now it gets aggregated, and Google gets what Oracle has or what Amazon has.”

Powner added, “Google, Microsoft, IBM, and Oracle have participated in Cloud Safe Task Force events and support the establishment of a National Cyber Feed.”