As the nature of the Federal government’s work environment has changed due to the coronavirus pandemic, building cyber resiliency in cloud infrastructures has been essential to maintaining mission operations, agency officials said.
“I would say – especially in these last six months – the way that we work has just fundamentally changed from six months ago,” said Ashley Mahan, the General Services Administration’s Technology Transformation Services Director for Secure Cloud Portfolio and FedRAMP, at ACT-IAC’s ReImagine Nation ELC 2020 virtual event.
“The increase in that virtual work has certainly emphasized the value of secure cloud offerings as cloud has really been that enabler of our missions, and continuing to fulfill our missions during this time so it’s helped us become incredibly resilient,” she said.
Mahan explained that cloud-based infrastructure has helped maintain resiliency, and working with cloud service providers during the COVID-19 pandemic has helped maintain mission goals.
“During this time, everybody has just been coming together, working together, exchanging and collaborating [on] security information as new threats have emerged and communicating with government, informing them, and FedRAMP has been right there with everybody trying to help that facilitation,” Mahan said.
Sean Connelly, Trusted Internet Connections Program Manager at the Cybersecurity and Infrastructure Security Agency (CISA), said that cloud capabilities have allowed for mission flexibility.
“We talk about cloud resiliency – I think a lot of times we think about availability,” he said. “But really resiliency is just a means to the end – mission continuity,” Connelly said. As one example, he offered up the Small Business Administration’s (SBA) shift to cloud service in recent years, and how SBA under its former CIO Maria Roat put the agency in a good position to profit from the resulting flexibility that cloud services provided, especially during the pandemic.
“There was a confidence that we had in Maria’s team, and their vision because of what they did over that two- or three-year term, and again it goes back to the cloud,” Connelly said. “That mission resiliency that was now available to SBA may not have been there if they had their operations posture of two-three years ago,” he said.