According to Barry Duplantis, vice president and general manager of Mattermost’s North America public sector arm, federal agencies have begun to understand that cybersecurity is not just about combating each individual attack, but also establishing all-around “digital sovereignty.”
To achieve this type of digital infrastructure, a self-hosted technical collaboration platform is crucial, and ensuring that it stays secure requires strong incident anticipation and response, Duplantis wrote in a piece published to Federal News Network on Monday.
“Today, digital sovereignty is an imperative for all government organizations,” said Duplantis, who emphasized its importance in protecting the privacy of citizens and employees, U.S. intellectual property and international policy data that could result in geopolitical consequences if leaked.
Though many organizations have harnessed multi-cloud environments and Software-as-a-Service offerings, Duplantis noted that these approaches to cloud computing may not fit the needs of entities hosting sensitive data – which he said could be met with a self-hosted collaboration platform.
“A self-hosted collaboration platform enables you to securely collaborate in real time, with lower risk of compromise,” he said.
If the platform is open source, users will also be able to tailor its security settings to match the correct Department of Defense impact levels, said Duplantis.
An effective collaboration platform should also support the establishment of specific channels, the automation of incident-response workflows and auditability, he added.
Digital sovereignty is also built on strong incident response. The process should entail swift identification, investigation and remediation of any cyber threats or attacks, he said.
“Achieving that goal requires a complete audit trail of the incident itself and of the incident response,” Duplantis said. “A retrospective of incident response enables you to benefit from lessons learned to achieve continual improvements.”
Defining and following best practices for incident response audits is another critical piece of reaching digital sovereignty. According to Duplantis, identifying audit objectives, steps and standards up front will boost the relevance of the information collected for later use.
“Of course, incident management begins long before an incident occurs. You need the right people to review the right information at the right time to spot potential problems early and accurately,” said Duplantis.
He added that pinpointing any issues early in the incident management could help organizations discover trends that may improve future investigations.