Why cyber resiliency might be your best cloud sales pitch

Despite the Cloud First directive of 2010 and Cloud Smart in 2019, it’s been a slow process migrating Federal systems to the cloud. It’s not for lack of capacity: providers such as Microsoft, Amazon Web Services, Google, and Oracle have all invested to create federal-compliant cloud capacity far beyond demand.

But, while Cloud Smart provides strong guidelines on how to migrate, many agencies haven’t felt a compelling motivation for such a move. Federal contractors can unlock cloud migration business opportunities by educating agency CIOs on how cloud platforms can enhance their cyber resilience.

Cyber resilience is an often-overlooked aspect of cybersecurity. No matter how many resources an organization devotes to cyber defenses, an attack on their systems will undoubtedly be successful someday. There are five attributes of cloud infrastructures that federal contractors should keep in mind that reinforce how migration to the cloud can unlock powerful resilience capabilities for mission critical systems.

1. Multiple availability zones

The cloud enables IT resources to be deployed across multiple geographically separate locations. This can help ensure that systems remain available and functional in the face of a cyber attack or failures caused by natural disasters. Each zone operates as a separate data center with its own distributed resources, enabling the system to continue to function even if one or more zones experiences an outage. If a cyber attack succeeds, the cloud system can automatically failover to a different zone without disrupting end users.

2. Dynamic response to Denial-of-Service attacks

The cloud can improve response to denial-of-service attacks through dynamic scaling or reprovisioning, automatically adjusting resources to handle increased traffic. More servers or resources can be automatically added to the system in real-time as the attack is happening. Dynamic scaling can be set up to monitor system traffic and adjust resources as needed. Similarly, the cloud can offer automatic reprovisioning, creating additional application instances in response to a sudden increase in demand. By distributing traffic load across multiple resources, the cloud can make it harder for attackers to overwhelm any single server or resource. Plus, these same techniques can be used to speed recovery from a DoS attack and quickly restore service to legitimate users, which is of critical importance to agencies, and something Federal contractors should be ready to assist with.

3. Zero trust architecture concepts

The zero-trust security model assumes that no user or device should be automatically trusted, regardless of their location or level of access. Access is granted only after verifying the identity of the user or device and assessing its level of trustworthiness. Contractors can help their agency clients understand that cloud architectures are well-suited for implementing a zero trust model through:

• Network segmentation: Cloud architectures can separate applications and services into different network segments, making it easier to control least privilege access and monitor traffic between segments.
• Identity and access management (IAM): Cloud solutions can be easily configured to implement techniques such as multi-factor authentication, session-based access, and role-based access control (RBAC).
• Encryption: Standard cloud architectures support the encryption of data at rest, as well as in transit, making it harder for attackers to corrupt or steal data.
• Centralized security management: Unified cloud architectures can centralize the monitoring and management of security across applications and services, ensuring policies are consistently enforced throughout the infrastructure.

4. Deception

The flexibility and scalability of cloud systems can be used to deceive attackers, misdirecting them, delaying, or preventing them from accessing sensitive data or systems. Federal contractors can help set up honeypots within the cloud to act as legitimate-looking decoys that trap, detect, or divert attackers. Deceptive data can also be used to lead attackers down the wrong path by intentionally setting up fake information to look like real data. These deception techniques make it more difficult for attackers to gain access to sensitive data or systems, and they help detect and respond to cyber attacks more quickly to minimize their impact.

5. Rapid detection and response

Rapid detection is an important component of resilience that takes advantage of cloud features to quickly detect and respond to threats, reducing the impact of cyber attacks and minimizing downtime.

• Real-time monitoring: Cloud-based systems are typically set up for real time monitoring of network traffic and system logs, which allows for early detection of cyber attacks and rapid response to potential threats.

• Advanced analytics: Cloud systems are particularly well suited for machine learning and artificial intelligence algorithms that can quickly detect anomalies in network traffic or user behavior that can indicate a cyber attack.
• Automated response: Cloud systems can be configured to automatically block malicious traffic or quarantine infected devices, reducing the time required to contain and remediate attacks.
• Collaborative threat intelligence: Cloud systems can share threat intelligence with systems throughout the cloud, allowing for faster response to emerging threats.

Federal contractors should share these points with the IT leaders across their customer enterprise, especially those that are on-the-fence about moving to the cloud or need additional business case rationale for migrating. Federal agencies that deploy their systems to the cloud can be more confident in their ability to continue supporting constituents even in the face of a relentless cyber attack.

Tracy Gregorio is the CEO of G2 Ops, Inc, a certified woman-owned small business that provides cloud migration, model-based systems engineering (MBSE) and security engineering solutions to the U.S. Navy, U.S. Coast Guard, U.S. Air Force, and numerous commercial businesses. She is the Cybersecurity Committee Chair of the Virginia Ship Repair Association and a board member of the Virginia Maritime Association and the Commonwealth Cyber Initiative. Ms. Gregorio earned an M.S. in Computer Science from Old Dominion University, a B.S. in Computer Science from Virginia Tech and a certificate in Cybersecurity: Technology, Application, and Policy from MIT.