The Cloud Safe Task Force says U.S. government organizations responsible for national defense should collaborate with the country’s major cloud service providers, or CSPs, in order to enhance U.S. cybersecurity posture.
The task force made the recommendation following an April 8 meeting where it was noted that continued migration of U.S. data and systems to commercial cloud environments has reduced the government’s ability to monitor and respond to national cyber threats, MITRE said in a report released Wednesday.
The task force proposed the launch of the National Cloud Cyber Feed Initiative, which will work to facilitate information-sharing between government organizations like U.S. Cyber Command, the Cybersecurity and Infrastructure Security Agency and the Office of the Director of National Intelligence and CSPs like Google, Amazon Web Services and Microsoft, which now possesses the technical capability to deliver information that would enable real-time cybersecurity monitoring.
The initiative’s objectives include the establishment of regular stakeholder dialogues regarding cloud security threats, incidents and best practices; the creation of a real-time view of CSP security measures that also compares their effectiveness; the establishment of a framework governing the responsibilities and authorities of the collaboration.
Further discussions need to take place regarding the initiative. Topics to pursue include what information would have to be shared, which organizations should provide it and which federal agencies should sponsor the effort.
The Cloud Safe Task Force is a collaboration between MITRE, the Cloud Security Alliance, the Advanced Technology Academic Research Center and the IT Acquisition Advisory Council.