-
Beyond Compliance: Elevating Cybersecurity Practices with Travis Rosiek
- 2024/02/28
- 再生時間: 42 分
- ポッドキャスト
-
サマリー
あらすじ・解説
As technology rapidly evolves we as a nation need to anticipate the attacks that may come about as a result of that innovation. Travis Rosiek, the Public Sector CTO at Rubrik and former Leader at the Defense Information Systems Agency (DISA), joins Tech Transforms to talk about how the government’s approach to technology and relationship with industry has evolved over the last twenty years. He also discusses compliance, including FedRAMP compliance, managing the vast amount of data that is generated daily across the government and industry, and the importance of the U.S. Government building cyber resilient systems. Catch all this and more on this episode of Tech Transforms.
Key Topics- 00:00 Government fielded and tested tech capabilities, explained compliance.
- 05:23 Enhanced security collaboration, compliance, and risk minimization.
- 09:14 Experience in government and commercial capabilities. Innovation.
- 10:12 Commercial companies prioritize profitability over long-term planning.
- 14:38 Challenges in public sector recruiting and retention.
- 18:49 Outsourcing SaaS applications frees up resources. AI evolving, human input remains essential.
- 22:33 Assessing incident response: Operational evaluation, not just compliance.
- 25:57 Vendors and program office face process challenges.
- 29:46 Secure cloud data access: visibility, risks, controls.
- 32:27 Emphasizing need for security in IT systems.
- 36:44 CISOs face challenges in evolving tech landscape.
- 38:11 Support CISOs, recruit and retain talent, accountability.
Evolving Cybersecurity Practices: A Shift to 'Cloud Smart' StrategiesTravis's Perspective on Cloud Misconceptions
Travis discusses the early days of cloud adoption, which were often fueled by misconceptions about its benefits. The migration toward cloud computing was commonly believed to be a cost-effective solution that would reduce expenses and simultaneously enhance security. However, he points out that this was not always the case. Many organizations have since realized that the initial cost of moving to the cloud can vary greatly based on specific use cases and applications. This realization has led to a strategic shift toward what Travis refers to as a "cloud smart" approach. Highlighting the need for a more discerning and tailored evaluation of how cloud resources are utilized.
The Role of Commercial Companies vs. Government in Problem-Solving: "Industry is great about solving problems. You know, driving that capitalism type of culture, building capabilities, selling solutions. And they're quicker to implement, adapt and deploy capabilities where the government is very slow in implementation of these you know, they can figure out the problem." — Travis RosiekThe 'Cloud Smart' Strategic ApproachTaking a "cloud smart" approach indicates a maturation in the perception of cloud services by government agencies and businesses alike. Rather than a blanket strategy of cloud-first, Travis indicates that there is now a more nuanced consideration of when and how to use cloud services. He underscores the importance of aligning cloud adoption with an organization's unique needs. Including the potential scalability, security and cost implications. This approach suggests a collaborative and informed decision-making process. Recognizing that the cloud offers a variety of solutions, each with different features, advantages and trade-offs that must be carefully weighed against organizational goals and objectives.
Navigating Cybersecurity Practices in Cloud MigrationThe Balance of Technical and Non-Technical Implications in Cloud MigrationTravis discusses the intricacies involved in organizational cloud migrations. Emphasizing that these undertakings are not solely about technological transitions but...