Cloud Hosting

Despite the Cloud First directive of 2010 and Cloud Smart in 2019, its been a slow process migrating Federal systems to the cloud. Its not for lack of capacity: providers such as Microsoft, Amazone Web Services, Google, and Oracle have all invested to create federal-compliant cloud capacity far beyond demand.

But, while Cloud Smart provides strong guidelines on how to migrate, many agencies havent felt a compelling motivation for such a move. Federal contractors can unlock cloud migration business opportunities by educating agency CIOs on how cloud platforms can enhance their cyber resilience.

Cyber resilience is an often-overlooked aspect of cybersecurity. No matter how many resources an organization devotes to cyber defenses, an attack on their systems will undoubtedly be successful someday. There are five attributes of cloud infrastructures that federal contractors should keep in mind that reinforce how migration to the cloud can unlock powerful resilience capabilities for mission critical systems.

The cloud enables IT resources to be deployed across multiple geographically separate locations. This can help ensure that systems remain available and functional in the face of a cyber attack or failures caused by natural disasters. Each zone operates as a separate data center with its own distributed resources, enabling the system to continue to function even if one or more zones experiences an outage. If a cyber attack succeeds, the cloud system can automatically failover to a different zone without disrupting end users.

The cloud can improve response to denial-of-service attacks through dynamic scaling or reprovisioning, automatically adjusting resources to handle increased traffic. More servers or resources can be automatically added to the system in real-time as the attack is happening. Dynamic scaling can be set up to monitor system traffic and adjust resources as needed. Similarly, the cloud can offer automatic reprovisioning, creating additional application instances in response to a sudden increase in demand. By distributing traffic load across multiple resources, the cloud can make it harder for attackers to overwhelm any single server or resource. Plus, these same techniques can be used to speed recovery from a DoS attack and quickly restore service to legitimate users, which is of critical importance to agencies, and something Federal contractors should be ready to assist with.

The zero-trust security model assumes that no user or device should be automatically trusted, regardless of their location or level of access. Access is granted only after verifying the identity of the user or device and assessing its level of trustworthiness. Contractors can help their agency clients understand that cloud architectures are well-suited for implementing a zero trust model through:

The flexibility and scalability of cloud systems can be used to deceive attackers, misdirecting them, delaying, or preventing them from accessing sensitive data or systems. Federal contractors can help set up honeypots within the cloud to act as legitimate-looking decoys that trap, detect, or divert attackers. Deceptive data can also be used to lead attackers down the wrong path by intentionally setting up fake information to look like real data. These deception techniques make it more difficult for attackers to gain access to sensitive data or systems, and they help detect and respond to cyber attacks more quickly to minimize their impact.

Rapid detection is an important component of resilience that takes advantage of cloud features to quickly detect and respond to threats, reducing the impact of cyber attacks and minimizing downtime.

Federal contractors should share these points with the IT leaders across their customer enterprise, especially those that are on-the-fence about moving to the cloud or need additional business case rationale for migrating. Federal agencies that deploy their systems to the cloud can be more confident in their ability to continue supporting constituents even in the face of a relentless cyber attack.

Tracy Gregorio is the CEO of G2 Ops, Inc, a certified woman-owned small business that provides cloud migration, model-based systems engineering (MBSE) and security engineering solutions to the U.S. Navy, U.S. Coast Guard, U.S. Air Force, and numerous commercial businesses. She is the Cybersecurity Committee Chair of the Virginia Ship Repair Association and a board member of the Virginia Maritime Association and the Commonwealth Cyber Initiative. Ms. Gregorio earned an M.S. in Computer Science from Old Dominion University, a B.S. in Computer Science from Virginia Tech and a certificate in Cybersecurity: Technology, Application, and Policy from MIT.

Here is the original post:
Why cyber resiliency might be your best cloud sales pitch - Washington Technology