DevOps, Information Dissemination, Safeguarding Sensitive Data and Data Monitoring Dominate Federal Security Practices in 2018
Secure data sharing remains a challenge among intelligence agencies and many other federal departments when dealing with highly sensitive information. Data sharing across departments, agencies, as well as state/local governments must meet the requirements of each agency, while ensuring that overall mission objectives are met.” The Axiomatics Federal team and I put together this list of security trends to look for in 2018:
DevOps will become more prevalent for large federal agencies who are accustomed to building their own software in 2018. This is mainly being driven by security concerns and the risk management framework. By having uniform development tools across the enterprise, security and operational risks can be mitigated for mission-critical applications since all the DevOps tools and processes have been evaluated, tested and approved.
2. Information Dissemination between Federal Agencies
Federal government entities are amassing large volumes of data and the direction given by the Office of the Director of National Intelligence (ODNI) means that best efforts must be made to share this data throughout the intelligence community, with exceptions needing to be justified and approved. To process these exceptions, agencies require metadata that describes aspects of the data to differentiate it from shareable data and policies must exist that can evaluate the characteristics (attributes) of the requester of the data, the data being requested, and what the requester wants to do with the data. An Attribute Based Access Control (ABAC) model can achieve this by considering the context of the access control request.
3. Securing Big Data Environments
Federal agencies have been inundated with so much data that they now need some level of data classification to determine if these data systems contain sensitive or regulated data that requires additional security. The rise of big data systems in the cloud adds an extra level of complexity. These systems will become much more distributed, making it difficult to manage the environment. Big data technologies are also continuing to evolve quickly – new data formats, new access techniques and protocols are difficult to keep up with from a security perspective. A key is to keep track of where the sensitive data is so that appropriate protections can be applied.
4. Data Monitoring to Prevent Security Breaches
Data monitoring will be a big theme as it continues to grow over time. Organizations should consider using data analytics, machine learning and Artificial Intelligence (AI), to identify anomalies that would otherwise go unnoticed by humans, helping to eliminate internal security threats. ABAC systems provide a wealth of activity log data that is used to enhance reporting and monitoring systems.
As the data explosion continues to have its effect on federal agencies, being able to manage and specify properly who should have access to data is a major priority. By implementing an ABAC approach, organizations can progress toward a responsibility to provide mindset to better disseminate and share actionable intelligence to the community.