Executive Gov
  • Home
  • Acquisition & Procurement
  • Agencies
    • DoD
    • Intelligence
    • DHS
    • Civilian
    • Space
  • Cybersecurity
  • Technology
  • Awards
  • News
  • About
  • Wash100
  • Contact Us
    • Advertising
    • Submit your news
No Result
View All Result
Executive Gov
  • Home
  • Acquisition & Procurement
  • Agencies
    • DoD
    • Intelligence
    • DHS
    • Civilian
    • Space
  • Cybersecurity
  • Technology
  • Awards
  • News
  • About
  • Wash100
  • Contact Us
    • Advertising
    • Submit your news
No Result
View All Result
Executive Gov
No Result
View All Result
Home Cloud

Pentagon Issues Cloud Security Playbook

by Jane Edwards
March 3, 2025
in Cloud, News
Pentagon Issues Cloud Security Playbook

The Department of Defense has released a playbook designed to help software development managers, mission owners and developers improve the cybersecurity of applications hosted in cloud environments.

Table of Contents

    • You might also like
    • DOE Names New Members to Secretary of Energy Advisory Board
    • TMF Seeks Proposals for Federal AI, Permitting Modernization Projects
    • Space Force, Parabilis Complete DOTS Propulsion Hot Fire Test
  • Preparing Organizations for Cloud Adoption
  • Implementing Secure Identity, Credential & Access Management
  • Cloud Security Playbook Volume 2

You might also like

DOE Names New Members to Secretary of Energy Advisory Board

TMF Seeks Proposals for Federal AI, Permitting Modernization Projects

Space Force, Parabilis Complete DOTS Propulsion Hot Fire Test

The Cloud Security Playbook, cleared for public release on Feb. 26, seeks to address the most common cloud security vulnerabilities and threats and intends to help mission owners hosting software in the cloud quickly achieve an Authorization to Operate, or ATO.

The document comes in two volumes. The first volume aims to prepare organizations for using a cloud and intends to enable users to understand key concepts, such as the shared responsibility model, the impact level and the requirement of a DOD provisional authorization or ATO for cloud services.

Preparing Organizations for Cloud Adoption

The playbook suggests several actions to prepare an organization for using a cloud, such as setting up a cloud governance team, developing a cloud migration strategy and establishing a budget to implement the cloud migration strategy.

Other measures outlined in the document are developing organizational policies on cloud usage, creating a cloud exit strategy, defining the roles and responsibilities of those who will have cloud access and training the workforce on cloud security.

Implementing Secure Identity, Credential & Access Management

The document calls for the implementation of identity, credential and access management, or ICAM.

Recommended actions under this section include implementing and enforcing the principle of least privilege, or PoLP; implementing PoLP for each cloud resource; requiring phishing-resistant multifactor authentication; using context-based access control policies and review policies prior to deployment and periodically after deployment to identify potential gaps; and considering requiring administrators to access cloud resources using privileged access workstations.

The initial volume also covers other key plays, such as establishing secure network access, deploying with infrastructure as code, using a cloud-native application protection platform, employing defensive cyberspace operations and deploying user and entity behavior analytics.

Cloud Security Playbook Volume 2

The playbook’s second volume addresses ways to secure containers and microservices, defend DevSecOps pipelines, mitigate third-party risks and ensure the security of artificial intelligence systems and application programming interfaces.

To defend DevSecOps pipelines, recommended actions include adopting a zero-trust approach, using encryption with a FIPS 140-2 approved algorithm, minimizing the use of long-term credentials, implementing endpoint detection and response tools and integrating security testing into the pipeline.

Stay connected via Google News
Follow us for the latest travel updates and guides.
Add as preferred source on Google
Share5Tweet19

Recommended For You

DOE Names New Members to Secretary of Energy Advisory Board

by Jane Edwards
July 10, 2026
Department of Energy seal. DOE has named 20 new members to the Secretary of Energy Advisory Board.

20 industry and research leaders have joined DOE's advisory boardMembers will serve two-year terms through May 2028Explore AI, cybersecurity and other agency modernization priorities at the 2026 FedCiv...

Read moreDetails

TMF Seeks Proposals for Federal AI, Permitting Modernization Projects

by Jane Edwards
July 10, 2026
Technology Modernization Fund logo. TMF seeks proposals for permitting technology modernization and federal AI adoption.

Two TMF proposal calls focus on permitting and AIProject submissions close July 24Explore AI and federal modernization priorities at the 2026 FedCiv SummitThe Technology Modernization Fund has launched...

Read moreDetails

Space Force, Parabilis Complete DOTS Propulsion Hot Fire Test

by Jane Edwards
July 10, 2026
U.S. Space Force seal. The Space Force and Parabilis have completed a hot fire test of the DOTS CubeSat propulsion prototype.

DOTS is a 2U-scale hybrid propulsion system for CubeSatsThe propulsion prototype exceeded program objectivesThe 2026 Air and Space Summit will examine AI, Golden Dome and network modernizationThe U.S....

Read moreDetails

VA OIG Finds Security Gaps in Veterans’ Patient Advocate Tracking System

by Miles Jamison
July 10, 2026
VA OIG seal. The VA's inspector general found that the Patient Advocate Tracking System-Replacement's security was lacking.

The watchdog found weaknesses in PATS-R safeguards that exposed sensitive veteran informationAuditors identified gaps in system classification, access management and privacy documentationMany users said they did not realize...

Read moreDetails

White House CEQ Names Innovators for Inaugural Permitting Technology Expo

by Miles Jamison
July 10, 2026
White House. CEQ revealed the technology innovators that will demonstrate the tools to modernize reviews and permitting.

CEQ selected technology innovators to demonstrate permitting modernization tools at a July 31 expoAn expert panel evaluated submissions against technology priorities outlined in the Permitting Technology Action PlanThe...

Read moreDetails
Sign Up For Our Newsletter
Subscribe to our mailing list to receives daily updates direct to your inbox!
Invalid email address
Your privacy is guranteed.
Thanks for subscribing!

Sponsors

About ExecutiveGov

ExecutiveGov, published by Executive Mosaic, is a site dedicated to the news and headlines in the federal government. ExecutiveGov serves as a news source for the hot topics and issues facing federal government departments and agencies such as Gov 2.0, cybersecurity policy, health IT, green IT and national security. We also aim to spotlight various federal government employees and interview key government executives whose impact resonates beyond their agency.

CATEGORIES

  • Acquisition & Procurement
  • Announcements
  • Articles
  • Artificial Intelligence
  • Awards
  • Big Data & Analytics News
  • C4ISR
  • Civilian
  • Cloud
  • Contract Awards
  • Cybersecurity
  • Defense And Intelligence
  • Defense Security Cooperation
  • DHS
  • Digital Assets
  • Digital Modernization
  • DoD
  • Events
  • Executive Moves
  • Executive Spotlights
  • Federal Civilian
  • Financial Reports
  • Foreign Military Sales
  • General News
  • GovCon Expert
  • Government Cloud
  • Government Technology
  • GSA
  • Healthcare IT
  • Industry News
  • Intelligence
  • Legislation
  • M&A Activity
  • National Security
  • News
  • Policy Updates
  • Press Releases
  • Profiles
  • Space
  • Videos
  • Wash100
Sign Up For Our Newsletter
Subscribe to our mailing list to receives daily updates direct to your inbox!
Invalid email address
Your privacy is guranteed.
Thanks for subscribing!

Copyright 2026 Executive Mosaic. All Rights Reserved. Site Archive

No Result
View All Result
  • Home
  • Acquisition & Procurement
  • Agencies
    • DoD
    • Intelligence
    • DHS
    • Civilian
    • Space
  • Cybersecurity
  • Technology
  • Awards
  • News
  • About
  • Wash100
  • Contact Us
    • Advertising
    • Submit your news

Copyright 2026 Executive Mosaic. All Rights Reserved. Site Archive

Get your free GovCon news!

Get your latest GovCon news and insights. Become a VIP and subscribe to the GovConWire Daily News.

Invalid email address
We promise not to spam you. You can unsubscribe at any time.
Thanks for subscribing!