The Agency-Wide Adaptive Risk Enumeration algorithm is already ingesting data, and the Department of Homeland Security plans to put it into production heading in FY2020.
The general formula for cloud security is to determine the risks, mitigate them and then keep constant vigilance to spot and stop threats.
The Department of Homeland Security wants to prevent forgeries in the certificates and licenses issued by Customs and Border Protection, Citizen and Immigration Services and the Transportation Security Administration.
Researchers are developing algorithms that can detect when malware uses adversarial machine learning to attack networks and evade detection.
The National Institute of Standards and Technology recently issued a practice guide showing two ways federal employees using mobile devices could be authenticated to access secure information systems and applications.
Defending against phishing attacks involves a combination of policies, procedures and controls.
Despite privacy concerns, many officials envision people using digital licenses not only for traffic stops and airport ID but also in bars, banks, doctor’s offices and as voter ID at polling places.
Even with government and industry working on quantum-resistant encryption, getting any solutions rolled out will take time and a massive effort.
Besides protecting systems from automated attacks, agencies must also guard against data being physically removed from the building.
A holistic approach that tears down the traditional silos of backup and recovery, security and infrastructure management will ensure the security of data in the cloud.