Evolving Government Security Architectures - Presented by Fortinet Federal Archives | FedScoop https://fedscoop.com/special/evolving-government-security-architectures/ FedScoop delivers up-to-the-minute breaking government tech news and is the government IT community's platform for education and collaboration through news, events, radio and TV. FedScoop engages top leaders from the White House, federal agencies, academia and the tech industry both online and in person to discuss ways technology can improve government, and to exchange best practices and identify how to achieve common goals. Wed, 03 Jan 2024 15:03:27 +0000 en-US hourly 1 https://wordpress.org/?v=6.5.4 https://fedscoop.com/wp-content/uploads/sites/5/2023/01/cropped-fs_favicon-3.png?w=32 Evolving Government Security Architectures - Presented by Fortinet Federal Archives | FedScoop https://fedscoop.com/special/evolving-government-security-architectures/ 32 32 TSA and Fortinet Federal leaders on the journey to zero trust https://fedscoop.com/video/tsa-and-fortinet-federal-leaders-on-the-journey-to-zero-trust/ Thu, 04 Jan 2024 20:30:00 +0000 https://fedscoop.com/?post_type=video&p=75434 Executives Dan Daly and Felipe Fernandez on the constraints of funding and intricate network landscapes, and the crucial role of stakeholder engagement in achieving zero trust.

The post TSA and Fortinet Federal leaders on the journey to zero trust appeared first on FedScoop.

]]>

Zero-trust security architecture is the new norm for safeguarding federal agencies and their data. However, challenges loom large in aligning with the Administration’s zero-trust mandates, especially as it sets ambitious targets for 2024.

Dan Daly, deputy director for information assurance and cybersecurity for the Transportation Security Administration, and Felipe Fernandez, CTO for Fortinet Federal, recently joined FedScoop to share their insights on the government’s zero trust journey.

One of the primary obstacles Daly highlighted is the intricate process of transitioning from existing legacy environments to the new zero-trust architecture. The federal government’s budgeting process, spanning over five years, poses a significant hurdle, making it challenging to swiftly adjust security postures and budgets to align with the comprehensive zero-trust framework. Despite the executive order allowing a few years for compliance, the practicality of executing this transition within budgetary constraints remains a substantial concern for agencies.

Fernandez emphasized the importance of a cultural shift within federal agencies to ensure successful zero-trust implementation. Executive adoption of zero-trust principles and a collective commitment at all levels are crucial for overcoming inertia and achieving a unified approach to security. The complexity of agency networks, characterized by multiple enclaves with varying degrees of intricacy, further complicates the implementation of a centralized zero-trust approach.

“There’s not just one technical solution for an entire zero-trust principle or set of principles. At times, you’re going to have to get two different solutions, three different solutions, or accept risk in various elements. And that’s just the challenge of where we are,” Fernandez said.

Daly highlighted how TSA has made significant strides in zero-trust initiatives. “Fortunately, our administrator was fully supportive from the beginning, allowing us to secure approval for a resource allocation…This approval gave us the necessary resources to dedicate a team to zero trust, unlike many other agencies that had to divert existing personnel from ongoing cybersecurity responsibilities to adopt this new paradigm.”

Learn more about evolving government security architectures.

This video panel discussion was produced by Scoop News Group, for FedScoop and underwritten by Fortinet Federal.

The post TSA and Fortinet Federal leaders on the journey to zero trust appeared first on FedScoop.

]]>
75434
CFPB and Fortinet Federal share strategies for navigating cyber frontier https://fedscoop.com/video/cfpb-and-fortinet-share-strategies-for-navigating-cyber-frontier/ Wed, 13 Dec 2023 20:30:00 +0000 https://fedscoop.com/?post_type=video&p=75231 In the ever-evolving cybersecurity landscape, federal agencies are grappling with the challenges of modernization and bolstering their cyber defenses. Despite commendable strides across government, skills gaps and data silos continue to plague agencies’ ability to mitigate threats. In a recent discussion, Tina Rodrigue, chief information security officer at the Consumer Financial Protection Bureau (CFPB) and […]

The post CFPB and Fortinet Federal share strategies for navigating cyber frontier appeared first on FedScoop.

]]>

In the ever-evolving cybersecurity landscape, federal agencies are grappling with the challenges of modernization and bolstering their cyber defenses. Despite commendable strides across government, skills gaps and data silos continue to plague agencies’ ability to mitigate threats.

In a recent discussion, Tina Rodrigue, chief information security officer at the Consumer Financial Protection Bureau (CFPB) and Fortinet Federal’s CTO Felipe Fernandez, shed light on the strategies employed by their organizations to enhance cybersecurity resilience.

Tina Rodrigue highlighted CFPB’s successful transition of approximately 70% of applications to the cloud, emphasizing the importance of being not just “cloud first” or “cloud smart” but “cloud best.” The organization’s cloud-hopping approach ensures the continuous evaluation and enhancement of security measures. Lessons learned include maintaining a value-driven approach, ensuring functionality remains secure and swiftly adapting to any evolving threat landscape.

Rodrigue underscored the role of cloud-based infrastructure in achieving true resilience. “We were lucky that as we moved through and into the pandemic, we could pivot on a dime and achieve true resiliency both on our human front and our technology front. And it was because we were cloud-based. So, we have actually expanded how cloud deployed we are, which has allowed us to be more resilient so that local disruptions in infrastructure or anything along that line are not disruptive to our mission.”

Depending on the chosen cloud provider, the controls and risks vary. Fernandez discussed the significance of integrated architecture and stressed the need for adaptive cybersecurity controls, policies and architectures that seamlessly evolve with changes in applications, cloud providers and service platforms.

“When you consider cyber resilience, you need to consider the ability to adapt and respond and be aware of threats for all of these changes. That way, agencies are not slowed down by the desire for change or the inherent risks of moving to a new application,” Fernandez explained.

He emphasized that a resilient cyber architecture enables agencies or users to adjust their cybersecurity controls, risks, and policies in response to changes in applications, the cloud, and service providers. By integrating cloud and managed service providers into the cybersecurity architecture, agencies can confidently and swiftly adapt to evolving circumstances, meeting the mission requirements efficiently.

Fernandez and Rodrigue shed light on practical strategies to strengthen resilience, from cloud adoption best practices to the role of integrated architectures. The key takeaway is the need for continuous adaptation and prioritization to stay ahead in the dynamic cybersecurity landscape. By fostering a culture of cyber resilience and embracing innovative approaches, federal agencies can enhance their capabilities to anticipate, withstand and recover from cyber threats.

Watch the full panel for security insights and learn about evolving government security architectures.

This video panel discussion was produced by Scoop News Group, for FedScoop and underwritten by Fortinet Federal.

The post CFPB and Fortinet Federal share strategies for navigating cyber frontier appeared first on FedScoop.

]]>
75231
Strengthening security resilience through the power of automation https://fedscoop.com/video/strengthening-security-resilience-through-the-power-of-automation/ Tue, 20 Jun 2023 19:30:00 +0000 https://fedscoop.com/?post_type=video&p=69559 Dept. of Education CISO Steven Hernandez and Fortinet Federal CTO Felipe Fernandez discuss using automation to respond more effectively to cyber threats.

The post Strengthening security resilience through the power of automation appeared first on FedScoop.

]]>

Threat actors are growing more specialized and sophisticated in their attacks, which requires an increasingly proactive posture from the federal government.

In a new panel discussion, Department of Education CISO Steven Hernandez and Fortinet Federal CTO Felipe Fernandez discuss how automation is helping agencies respond more effectively to cyber threats.

Hernandez noted that cybercriminals now have access to “marketplaces for automated attacks,” driving new defensive tactics to keep pace.

“We have security, orchestration, automation and response, which is really taking the actions in the SOC — our security operations center — and automating them, you know, taking 80% of the load off the human and letting the machine do that work,” he explains. However, he adds that his department continues to work on modulating their defenses “so that we’re constantly evolving [and threats] don’t get through in the first place.”

Fernandez added that with the advancement of AI, even cybercriminals with limited experience have a more accessible entry into cybercrime.

“While we can scoff at the…low quality of code, the truth is that [with AI] right now and forever, the code is learning how to write better code. So, at some point, this is going to be [both] efficient and effective,” he warns.

Hernandez and Fernandez discussed the growing importance of data and how this will largely shape strategies and cybersecurity postures moving forward.

“We spend so much time talking about protecting confidentiality, but our lives at the pinnacle are really about three things — confidentiality, integrity and availability. And when we talk about resilience, we’re really talking about that availability piece,” explained Hernandez. “Automation can play an incredible role in making sure that our systems are resilient.”

Watch the full panel to hear more security insights and learn more about evolving government security architectures.

This video panel discussion was produced by Scoop News Group and FedScoop and underwritten by Fortinet Federal.

The post Strengthening security resilience through the power of automation appeared first on FedScoop.

]]>
69559