CYBERSECURITY & MODERNIZATION
 EXECUTIVE VIEWPOINT
A Conversation with
SYED AZEEM
  SYED AZEEM
Senior IT Project Manager, General Services Administration
The senior project manager at GSA’s Federal Systems Integration and Management Center talks about
balancing cybersecurity and modernization
How can IT managers balance the need to secure legacy systems while modernizing their IT infrastructure? One thing agencies need to do is rationalize their overall IT portfolios and consolidate the functionality around a select group of key systems or applications that can be based on a common mission area or on common user or stakeholder groups. This will not only reduce the overall attack surface that adversaries could potentially exploit, but it will also enable a renewed focus on ensuring that the right level of security investment and attention is being paid to the critical data that’s housed in these systems.
A second strategy would be leveraging the greater economies of scale and potentially enhance security with cloud-based solutions. Certainly, cloud service providers are able to funnel the right kind of resources into security and spread those across numerous customers, and they’re able to do that much better than the government can.
Last but not least, another strategy for small agencies might be to take advantage of security-as-a-service solutions wherever it makes sense.
How can modernization
enhance security?
IT modernization and cybersecurity
really ought to go hand-in-hand. When modernization planning is done thoughtfully, the overall security posture for the organization improves dramatically.
When agencies are analyzing and comparing different products and technologies, what IT managers should keep in mind or pay close attention to are what built-in security features and solutions are available and also the compatibility of
bolting on third-party solutions for current and future needs.
What emerging technologies can help agencies improve their cybersecurity postures?
With the rise of tactical AI and machine learning solutions, agencies really need to start looking at these tools to enable better cybersecurity.
Another tool is behavioral analytics. It can help the security analyst be notified when there are behaviors that are out of the norm for privileged users. AI-enabled security tools can really allow the cybersecurity team to gain intuitive insights in real time, and that can be a great force multiplier.
What technologies are you keeping an eye on?
The lines are being blurred between physical control systems and software, and they’re almost merging and bleeding into each other. Even at 1800 F Street — GSA’s central office building — we are seeing the internet of things making its appearance. We have smart sensors located everywhere in the building. I’m really excited about the prospect of introducing connectivity and intelligence to the physical systems.
In terms of cybersecurity, it does raise
a lot of serious concerns and things that have to be thought through, so it’s always going to be a balancing act for agencies, industries and consumers to make sure that we’re seeking the right balance between convenience and security and that we’re not sacrificing one for the other.
This interview continues at Carahsoft.com/innovation/ azeem-GSA.
  S-22 | SPONSORED CONTENT