Collaboration inside and outside the agency
Collaboration doesn’t have to be limited to internal offices. It should extend to anyone managing aspects of agency security, such as contracted vendors. Historically, however, security vendors have erected walls around their slices of agency information.
“Most government agencies, by design, source at a very granular level. The work is outsourced to multiple vendors, whether it’s a competition issue or a concentration risk. It’s part of a strategy,” says Hans. “If you have two different suppliers, they won’t talk to each other. In a way, they are told not to talk to each other, because that is how contracts are obtained. It’s a bit of a brake.”
Instead, IT managers can work with their procurement teams to encourage collaboration when dealing with vendors.
“Going forward, especially for zero trust, there needs to be a bit more flexibility in some of the ways things are purchased. Have clauses in the contract that require companies to collaborate and share data with each other. The IT department and the purchasing department must promote this,” says Hans.
The agency’s conversations with suppliers could change, notes Hans: “We’re going to do it a little differently. We expect you to do these five things, whether they’re collaborating or sharing data, and, in fact, we think it’s good behavior for you to do so.”
Whether the sharing of information happens outside or inside the agency, it provides valuable context. “Context is so important in cyber operations. Without it, you don’t know what’s going on,” says Hans. “A lot of offenses happen because of that.”
Hans shares an example to illustrate the value of context in collaboration: “If there’s a vendor that does firewalls and IPS/IDS, and the identity people do their job, that’s fine if the identity folks can get a little bit of context about what’s going on at the perimeter. If the intrusion detection system tells you there’s been an intrusion, it would be nice if the identity people know that there is an intrusion.”