Jon Tidwell, government strategic services lead at Mandiant, now part of Google Cloud, said government agencies looking to advance multicloud adoption to operate and manage workloads should take into consideration the use of automation and the need to address security concerns while meeting missions and organizational goals.
“A combination of basic cybersecurity hygiene and emerging technology, such as artificial intelligence, is crucial to securing data in a cloud infrastructure,” Tidwell wrote in an article published in Carahsoft.com.
He noted that a multicloud approach comes with new categories of security threats and those are people, processes and technology.
When it comes to technology, Tidwell stated that organizations should use cloud-specific security platforms within each cloud service provider to ensure security within each cloud environment.
The Google Cloud executive called on agencies to “understand the various on-ramps for which identity can be leveraged to access cloud-based resources and services.”
“Cloud can mitigate those risks by employing phishing-resistant technology, such as token-based logins or anomaly detection using AI, without complex integrations of third-party software,” he added.
Tidwell discussed how the consolidation of cyberthreat data and security logs into a single place and use of tools like Google’s Duet AI, BigQuery and Chronicle could help agencies improve cloud security.
The government strategic services lead cited the Google Cloud Security AI Workbench and how it could help security operations teams enhance threat detection and response work.