Most agencies today use multiple clouds in addition to on-premises environments to house data and services. That makes it difficult to ensure security, especially when each environment has its own set of services and security policies. When that happens, it can easily cause security gaps and increase an agency’s attack surface. Multi-cloud environments can make other security challenges more likely, due to poor network visibility and complex security management.
The current and abrupt shift to remote work also has challenged security. While agencies did whatever they needed to do to get employees up and running remotely, some had to cut corners on security policies, for example, to make things happen. Over time, agencies run the risk of those ad hoc changes becoming the “new normal.”
“Out of necessity, some agencies accepted risk in the process of getting people to work remotely,” said Jim Richberg, Chief Information Security Officer (CISO) for the public sector at Fortinet and a former federal executive for the federal intelligence community. “Now it’s time to take a second look and make sure that everything is fully secure.”
And as agencies work to combat cyber threats from all angles, many have adopted a variety of tools. Multiple studies find that most organizations have between 20 and 75 security solutions, each solving a separate problem. While these tools can help fight specific cybersecurity threats, they often don’t integrate well with one another, creating visibility problems and increasing the workload on overextended cybersecurity staff. Tool and complexity overload can significantly reduce cybersecurity effectiveness.
Solution: Cut Complexity With TIC 3.0
One of the best ways to start addressing these challenges is by turning to the Cybersecurity & Infrastructure Security Agency (CISA)’s TIC 3.0 use cases. Working from use cases that support mobile computing, cloud, branch and remote users, agencies can move forward to accomplish their IT and security goals, while meeting changing mission needs and embracing new technologies.
TIC 3.0’s direct-to-cloud use case, for example, lays out all of the functional elements necessary to create usable, secure, reliable cloud platforms. It provides agencies with the guidance they need to take better advantage of cloud technology, including closing visibility and security gaps that often result from inconsistent policy application to multiple cloud environments. It helps agencies understand which security policies and best practices are most important, shapes their IT cloud modernization with models such as zero-trust network access and builds capabilities for situational awareness, risk management and resilience.
TIC guidance for branch offices facilitates agencies’ use of software-defined wide area networking (SD-WAN) technology to directly connect approved traffic to the internet instead of relying on expensive, low-bandwidth connections such as T1 lines. Implementation of SD-WAN technology has been growing exponentially in the private sector due to its compelling combination of cost savings, better user service and operational flexibility. Without SD-WAN, if an outage occurs, the traditional hub-and-spoke networking method requires IT staff at branch locations to manually fix problems and update capabilities.
With SD-WAN, the network software can automatically route around a problem and can split traffic across multiple low-bandwidth pathways to create a composite higher-bandwidth connection that can handle demanding applications like video conferencing. SD-WAN also allows agencies to manage both network and security operations for branch locations off-site and from a common control panel, which improves shared visibility and control.
The final TIC 3.0 use case revolves around remote users — something that is top of mind for agencies today as they grapple with defining their “new normal” operating posture post-COVID. Agencies want to ensure that remote workers’ computing platform, data access and transmissions are fully secure, and that agency networks can handle the load with acceptable capacity, performance and security.
With this guidance, agencies can directly connect remote users to the internet instead of having to “backhaul” to an agency’s network to pass through a trusted internet connection (TIC) or managed trusted internet protocol services (MTIPS). The best way to accomplish this is by using tools, including a virtual private network (VPN).