Strengthening cloud service capabilities over the past year has been an important step for Federal agencies to both deal with pandemic-era network service demands, and bolster cybersecurity by meeting requirements of the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program while using cloud services.
That was a core message from James Saunders, CISO at the Small Business Administration, and Alisha Johnson, Headquarters Cloud Program Manager at the Department of Homeland Security, in discussions on Feb. 2 at ATARC’s Cloud Virtual Summit.
“Some of our success around cloud is we partnered with DHS CISA to challenge the way that we do CDM, and we found that you can do CDM in the cloud,” said Saunders. He added that agencies should do business in the cloud so long as it’s approached intelligently, does not waste money, and is accomplished without opening up security risks.
“We are working closely with CISA to host continuous diagnostics and mitigation so that CDM is now on our Amazon cloud factory platform,” said Johnson. “So, it’s happening, and this is something that started after we went out in March 2020 – we did not stop the work we were doing. And we continue to onboard customers.”
Going forward, Johnson also addressed hiring by saying that she hopes for a reversal in hiring freeze trends so that DHS can add more people to address cloud efforts.
“We all – I think – across the board have the security concerns that we’re fighting individually and collectively, but the IT resources have been a bit of a struggle because of the hiring freezes that we’ve experienced with the previous administration,” said Johnson.