The latest cloud infrastructure announcements, technical solutions, and enterprise cloud insights.
-
Public Sector and Government,
Security Strategies
June 17, 2020
Smarter Security for Better-Protected Governments
Business, healthcare, finance, and government agencies federal, state, and local alike have witnessed the wrath of cyber-attacks. According to a 2019 report from the U.S. Conference of Mayors, there have been more than 170 recorded ransomware attacks against state and local government entities since the malware first appeared in 2013. Today, there’s no doubt that cybersecurity is the number one priority for every agency chief technical officer (CTO), chief information officer (CIO), and IT manager.
Data security threats are a serious concern for any organization. However, the risks are potentially greater for government agencies. Government systems store personal information for millions of people and businesses: Social Security numbers, birth certificates, driver’s license information, bank account information, and credit card numbers.
In a way, it’s simple math: cybersecurity risks are directly proportional to the amount and type of data. Yet, government investments in data security are severely lacking. Many government agencies still rely on perimeter-based security controls, such as firewalls, intrusion detection systems, and antivirus software. These tools are no longer adequate in today’s heightened threat environment.
Something Better to Protect Information
While conceiving the next-generation cloud for governments at Oracle, we put risk scenarios and security considerations at the forefront, offering organizations better security than they can obtain in their own data centers. As my colleague, Jerry Niemeyer, Director of the Public Sector of Oracle Cloud Infrastructure, explains,
“Today, governments that migrate to cloud have an opportunity to improve their overall security posture at the same time.”
Our research also revealed that government agencies are often understaffed and working to maintain antiquated systems. These problems make them highly vulnerable targets if they don’t modernize their IT systems.”
Jerry had a valid point, when he asked,
“Do you want to spend your time patching a server, an application, or an operating system? Do you want to spend a lot of time learning how to implement new features, or do you just want to use them?”
He elatedly declared,
“Autonomous services take care of all that automatically, enabling your team to focus on things like delivering new services to citizens and employees while ensuring a high level of security at the same time.”
Using Automation and Artificial Intelligence (AI) to Improve Security Posture with Next-Generation Cloud
Next-generation cloud solutions with autonomous capabilities are a great opportunity to concurrently automate security practices and significantly improve the security posture of government agencies. How?
With the experiences and lessons learned over more than a decade, cloud solutions have matured. Next-generation cloud solutions like Oracle Cloud Infrastructure are built with the following security measures:
- Multilayered defense: The next-generation cloud infrastructure is built with multiple layers of security and defense. These advances allow organizations to include better security measures than in their own data centers.
- Highest security by default: Next-generation cloud includes layered controls that provide exceptional resilience. If a vulnerability is discovered and exploited in one layer, the unauthorized user is confronted with another security control in the next layer. Also, the highest security bar is set by default. These security refinements go a long way toward strengthening the broader infrastructure.
- AI automation: The next-generation cloud also enables organizations to employ advanced technologies, such as AI-based applications, machine learning-integrated security, automated analytics, and autonomous capabilities. An autonomous database uses machine learning to automate database tuning, security, backups, updates, and other routine management tasks, traditionally performed by administrators.
- Built-in disaster recovery: Automation capabilities can also help agencies enhance disaster recovery capabilities, providing them protection from unplanned disruptions, both physical and virtual. Next-generation cloud and autonomous capabilities present an inexpensive alternative for agencies that don’t have a disaster recovery site, have limited monetary and personnel resources, or don’t want to deal with the complexity of managing a remote data center
As Jerry points out:
“Remember when backups were a separate IT organization, with specialized people, tools, and hardware? Now it’s a button.”
Going Forward
Given the growing sophistication of threat actors today, government agencies must focus on strengthening the infrastructure, rather than just securing the perimeter. Doing so effectively means using the benefits of next-generation cloud, including the automation it enables, to improve security, reliability, and operational efficiency. Learn more about how government organizations can apply the benefits of Oracle next-generation cloud.