The federal government will invest close to $100 million to modernize cybersecurity operations at three agencies.
On Tuesday the General Services Administration announced a trio of awards under the Technology Modernization Fund that will pay for security upgrades to the U.S. Department of Agriculture’s primary IT network, stand up a multi-cloud security operations center at the Federal Trade Commission and modernize the Department of Homeland Security’s information sharing network.
In a statement, federal chief information officer Clare Martorana said the awards were part of the Biden administration’s plan to “aggressively invest in defenses and shift from outdated perimeter based defenses to a ‘zero trust’ approach that confronts our adversaries’ capabilities and intent.”
“These investments will implement robust multifactor authentication, encrypt government data, quickly detect and contain adversary activity, and continuously identify and remediate vulnerabilities,” Martorana continued.
Of the approximately $95 million doled out, more than two-thirds will go towards upgrading USDA.net, which has faced “challenges in keeping up with expanded program needs for throughput and security,” according to a project description for the funding. The upgrades will allow for quicker implementation of security policies for different software systems, provide a quicker path to Trusted Internet Connection points, reduce the number of networks owned and operated by USDA from 17 to one and save an estimated $734 million through greater efficiencies.
Another $26.9 will be used to develop a new information sharing platform to replace work done by the DHS Homeland Security Information Network, which is used to share sensitive but unclassified data about ongoing threats between the federal government, state and local governments, the private sector and international partners. During the pandemic the HSIN was heavily used by the Cybersecurity and Infrastructure Security Agency, the Center for Disease Control, the Department of Health and Human Services and other agencies to coordinate on COVID response activities and the resulting strain put “unprecedented pressure on DHS’ decade-old information sharing network” which struggled to handle the increased usage.
According to GSA the new platform will be cloud-native, with the ability to scale up computing resources for future emergencies and will include new security features that make it easier to provide secure access to the federal government’s growing remote workforce.
The FTC is also looking to leverage the cloud in its own $4 million-funded project to stand up a security operations center as a service to protect consumer information, corporate filings and law enforcement-related data. That would involve using a third-party cloud provider to host that data and the agency claims doing so would “greatly” reduce the risk of ransomware and other forms of cyber attack (ransomware actors rarely target federal agencies for a variety of reasons, not least of which because there is almost no chance they will ever pay up) and cut down on the amount of time employees spend on incident response. While the center would focus on protecting FTC information, officials at the Technology Modernization Fund may see greater potential for the idea, calling it a “repeatable foundation for future government-wide implementations of SOC as a Service.”
While the moves follow federal mandates for agencies to move their systems and data to the cloud and adopt zero-trust architecture, they also come as cloud and managed service providers are being increasingly targeted by nation-state and criminal hacking groups precisely because they are seeing the same trends.
Campaigns like CloudHopper have allowed suspected Chinese hackers to pilfer massive troves of intellectual property, security clearance data and other sensitive records from Western businesses by targeting the cloud providers who hosted their data. While the federal government has its own dedicated vetting process for cloud products through FedRAMP, officials have warned that agencies who rely on commercial cloud providers may not be immune from those same threats.
“I think it’s really intuitive that [malicious hackers] are going to follow our valuables to the new vaults. Our future is in the cloud, adversaries are seeing our data there, the big cloud providers are going to be attractive targets,” said Rob Joyce, director of the NSA’s cybersecurity directorate at RSA earlier this month. “That cloud adoption is growing exponentially: it’s across private industry, critical infrastructure, the government – to include the Intelligence Committee – we have now classified clouds from commercial service providers. So we have skin in this game as well.”