Cloud spending in the U.S. federal government continues to grow, but there are bumps in the road to adoption. Many of the cloud initiatives that federal agencies are actively pursuing around IT modernization are cyber-related. They include meeting information security mandates, ensuring consistent security across clouds at runtime and the application lifecycle as well as addressing skill gaps in cloud security. A study by Forrester Consulting suggests that Prisma Cloud, a Cloud Native Security Platform, can help reduce cloud obstacles for federal agencies.
To better understand the financial impact of cloud migration, we recently commissioned Forrester Consulting to conduct a Total Economic Impact (TEI) study to examine the return on investment (ROI) of deploying Prisma Cloud, a Cloud Native Security Platform. In a recent Cloud Security Today interview, Chief Cloud Strategist at General Dynamics Information Technology, Ravi Raghava, said that security automation is key to high ROI on federal agency cloud investments. The TEI study identified key challenges customers had before deploying the platform. Many are the same challenges federal agencies grapple with:
- Poor visibility into cloud environments, including compliance visibility.
- Inefficiencies in addressing vulnerabilities and misconfigurations.
- Inefficient auditing and reporting.
While the TEI study focused on ROI – a universal metric that most B2B organizations track and measure – customers achieved results that civilian and defense agencies can use to inform their risk reduction strategies and make the best use of the personnel they have as they move to cloud.
Here’s a closer look at some select results from the Forrester TEI study and how Prisma Cloud can help federal agencies address cloud challenges as they look to keep pace with accelerating government IT modernization.
1. Reduce the Risk of Data Breaches in Cloud Environments
The risk of security incidents grows for federal agencies as they expand their cloud use. According to the Unit 42 Cloud Threat Report, governments grew their cloud workloads by 83% in the first half of the year, and their security incidents grew by 205%. In short, as governments rapidly scale their cloud environments, their security controls aren’t keeping pace.
Agencies that use Prisma Cloud can reduce their cyber risks. The Forrester TEI study found that deploying Prisma Cloud decreased the likelihood of significant material data breaches by 27%. The platform’s key contributions to data breach reduction include increased cloud posture visibility, improved alerting and quicker remediation of misconfigurations and vulnerabilities.
2. Harness Automation to Combat Cloud Skill Gaps
According to the U.S. Bureau of Labor Statistics, cloud computing and information security are helping to fuel strong growth in IT occupations in the United States. All industries – including the public sector – are experiencing shortages in cloud and cybersecurity skills. These skill and resource gaps can lead to misconfigurations, security issues in app development and worse.
To reduce the impact of cyber-staffing shortages, federal agencies are looking to automate more processes and increase efficiency in their security operations center and cloud development activities. The Forrester TEI study found that Prisma Cloud can help on both fronts by improving:
- SecOps efforts to investigate incidents by 44%.
- DevOps efforts to fix code vulnerabilities and software misconfigurations by 60%.
These findings suggest that Prisma Cloud can help federal agencies as they strive to meet the ambitious goals outlined in the Biden administration’s “Executive Order on Improving the Nation’s Cybersecurity,” including improving their investigative and remediation capabilities as well as reducing the risk of introducing vulnerabilities into the supply chain.
The risk visibility into cloud workloads that Prisma Cloud provides can also help to create more proactive collaboration between security and cloud development teams.
3. Extend Consistent Zero Trust Architectures to Cloud Environments
The Biden administration’s executive order on cybersecurity also emphasizes the need for the federal government to increase its adoption of security best practices, including employing a Zero Trust security model, accelerating movement to secure cloud services and consistently deploying foundational security tools, such as multifactor authentication and encryption.
The Forrester TEI did not look specifically at how Prisma Cloud can support a Zero Trust model. But, agencies can use Prisma Cloud to provide users with precise, least-privileged access based on fully customizable authentication methods. Even after granting access, they can use Prisma Cloud to monitor user behaviors for malicious activity as well as signs of malware, data loss and credential theft.
Using solutions like Prisma Cloud can help agencies establish Zero Trust boundaries. And, as explained in a recent article, “Why a Zero-Trust Approach Can Make the Cloud More Secure,” those boundaries allow organizations to better protect critical data hosted in the cloud from unauthorized apps or users, reduce the exposure of vulnerable systems, and prevent the movement of malware in their network. One of the benefits of Prisma Cloud, according to the Forrester TEI study, is that it covers multicloud and cloud native environments.
We have a great use case on how federal agencies can strengthen their security with Zero Trust if you want to find out more about it.
4. Simplify Compliance Reporting and Improve Audit Efficiency
Prisma Cloud also delivers compliance coverage for users, apps and data across multicloud deployments. That benefits federal agencies, which are under pressure to meet stringent compliance mandates that relate to cloud security. The Forrester TEI study found that Prisma Cloud – which supports major compliance frameworks such as the Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG), the Center for Internet Security (CIS) and NIST – reduced the time to create, review and consume compliance reporting by 90%. The platform also helped to improve audit efficiency by up to 64%.
These results can be attributed in part to Prisma Cloud enabling IT teams to quickly and easily generate audit-ready reports. The platform also creates and stores audit event records for all major subsystems.
If you want to learn more about how we can help your agency become more resilient by modernizing operations, managing cyber risk and reducing cloud obstacles as you make the transition, visit our federal website.