What Happens if There’s a Massive Data Breach in the Cloud?

If the White House can be hacked as well as other governmental agencies such as the OPM where 21 million federal employees had their information compromised (FBI/CIA, etc… included), it’s only a matter of time…

 

https://i2.wp.com/cdn.nextgov.com/media/img/upload/2015/07/24/072415clouddatabreachNG/nextgov-medium.jpg

 

Government IT systems have taken a beating lately, with the recent Office of Personnel Management’s breach exposing some 21-plus million federal employee records being just the cherry on top of what’s been a cybersecurity sundae from hell for most agencies.

But coincidentally, none of these breaches involved cloud systems.

Federal cloud security standards, governed by the Federal Risk and Authorization Management program, have been hugely successful thus far in ensuring cloud service providers that serve government customers aren’t bringing knives to gun fights.

That cloud service providers can automate software patching – something the government has a hard time doing – for customers is a huge argument against the myth that cloud computing isn’t as secure as traditional data centers.

“My fear is that we’ll have a break-in in the cloud in the next three to five years and blame it on the cloud instead of the lack of effective authentication mechanisms,” said Patrick Stingley, chief technology officer at the Interior Department’s Bureau of Land Management. “I’m afraid when something blows in the cloud, we’ll blame cloud and it won’t be the cloud.”

Yet, as other panelists, including Defense Intelligence Agency Chief Innovation Officer Dan Doney pointed out, even the intelligence community has embraced cloud. The Defense Department, too, continues to move slowly toward cloud, even as other federal agencies, like the Federal Communications Commission, have moved all in.

At some point, the odds suggest cloud providers with government customers will be hit by data breaches. What happens then?

Full article: What Happens if There’s a Massive Data Breach in the Cloud? (NextGov)

Comments are closed.