Cloud Security Learn more at Carah.io/SAP-NS2-FedRAMP-FCW
Cloud: One size
does not fit all
Agencies need a blend of people, processes and technology that meets their specific mission needs
Ted Wagner
Vice President and CISO, SAP National Security Services
CLOUD IS NOT A ONE-SIZE-FITS-ALL solution. Instead, finding the right fit depends on knowing agencies’ customers, the type of information they’re processing and
their user base. Then it’s a question of aligning what the customer needs with the cloud offerings that are available.
FedRAMP has been very successful at making that fit easier. The program brings transparency and consistency to the government’s use of cloud technology. Agencies know that an authorized company’s product or service has been rigorously reviewed under FedRAMP and that the government’s continuous monitoring program will provide information about how vulnerabilities are mitigated during the term of service.
Keeping threats at bay
An effective security monitoring strategy starts with intelligence. For agencies, that means being mindful of the threat actors that are probing the network perimeter and responding accordingly. Threat intelligence platforms integrated with security information and event management tools can automate security monitoring with threat intelligence to further strengthen agencies’ ability to monitor and adapt.
The day-to-day blocking and tackling of cybersecurity includes good configuration management, access control and identity management, which can result in strong security. But for cloud security to rise above the dangers in the digital landscape, agencies must find the right balance of people, processes and technology.
At SAP National Security Services, we work hard to get the process right, attract great people and leverage the best available technology, which enhances our ability to identify threats and keep them at bay.
For security monitoring, we rely on automation, machine learning and behavior analytics to analyze data and make those insights available to a team of subject-matter experts. That approach enables us to be more effective, efficient and secure.
We also share insights with our industry peers and have outside consultants double-check our work through periodic assessments.
A customized strategy for success
In addition, we incorporate the strategies of industry leaders. In particular, the cloud aspects of MITRE’s ATT&CK Matrix, which expounds on the concepts first articulated in Lockheed Martin’s
Cyber Kill Chain, have helped us structure how we perform security monitoring.
SAP NS2’s work on behalf of our federal civilian and defense customers has attracted the attention of the commercial sector, which is hearing from customers and other stakeholders that security matters. Failure can be expensive and, in some cases, catastrophic. By aligning our solutions with individual customers, we can ensure everyone’s success.
Ted Wagner is vice president and chief information security officer at SAP National Security Services.
Make More Confident Decisions by Leveraging Secure Cloud Solutions with SAP NS2.
877-972-7672 info@sapns2.com www.sapns2.com
Now, let us help you.
Learn more at sapns2.com/cloud
S-24 SPONSORED CONTENT
FCW - Ad - July 2020_jj7.indd 1
6/5/20 3:08 PM