This article is an excerpt from GovLoop’s recent guide, “Your Guide to Cloud Security in Government Today: Making the Most of FedRAMP.”
Government today faces more adversary automation than ever. Not knowing where to start, government agencies often (erroneously) think hiring more people is the answer.
“Thanks to the growing automation of attacks, the volume, variety, velocity and complexity of threats are continuing to accelerate,” said Tom Conway, Director, Federal Business Development, at Palo Alto Networks, a leader in cybersecurity products that use automation to prevent threats across networks, clouds and endpoints.
GovLoop sat down with Conway to better understand how agencies can reduce their cyber risk in cloud environments. Government continues to embrace cloud to reduce operating and maintenance (O&M) costs and to create services with more agility. Agency data and applications often span different clouds and services.
How can government ensure effective security for cloud? Cloud security is a shared responsibility between the cloud provider and the agency. Providers offer only basic native security services, and those are specific to their own cloud environment. This generally won’t satisfy immediate or longer-term requirements for multi-cloud, visibility, compliance and threat prevention. The outcome: limited visibility, increased operational overhead to configure and maintain security for each unique cloud environment, fragmented compliance and increased risk.
The good news: Agencies can extend threat prevention holistically across their cloud (private, SaaS, IaaS, and PaaS) environments with Palo Alto Networks’ swift, comprehensive malware analysis service, WildFire. WildFire is an advanced analysis and prevention engine for highly evasive zero-day malware and exploits. The cloud-based service employs a unique multi-technique approach that combines dynamic and static analysis and innovative machine learning techniques.
Using data and threat intelligence from the industry’s largest global community, the service identifies first-time-seen threats, performs advanced analysis and immediately shares protections across the network, endpoint and cloud. The services ensure data privacy through flexible data collection options.
“We’ve turned the automation game around: using automation (not people) to fight an automated adversary,” said Conway. “We’re really using technology that practitioners often think is years off.”
This automation reduces the load on already-taxed teams, addressing new threats in less than five minutes, saving significant time and reducing the number of events per hour to which any analyst must respond. Security analysts can focus on what matters – the much lower number of the most sophisticated threats that require human intervention.
“When it achieves its impending final FedRAMP ATO milestone, WildFire will be the only cloud-based malware analysis service certified for the federal government,” said Conway. “The FedRAMP-ready status reaffirms our company’s commitment to supporting our federal government customers in securely transitioning to public cloud services.”