With the recent release of the White House “Executive Order on Improving the Nation’s Cybersecurity,” the Biden administration has issued a forceful response to incidents such as the Colonial Pipeline and the SolarWinds attacks. “The United States faces persistent and increasingly sophisticated malicious cyber campaigns that threaten the public sector, the private sector and ultimately the American people’s security and privacy,” the order states. “The Federal Government must improve its efforts to identify, deter, protect against, detect and respond to these actions and actors.”
At Dynatrace, we are committed to supporting a robust response to these objectives throughout the Federal Government’s agencies. Three of the order’s key directives, in particular, are central to helping agencies attain a new level of cybersecurity awareness and response.
Modernizing Federal Government cybersecurity by increasing visibility into threats
Modernization and digital transformation are ongoing efforts as the Federal Government relies upon countless systems, applications and supporting multicloud infrastructure, many of which are interconnected. If our adversaries compromise just one component, they can jeopardize an agency’s entire mission. That’s where the Dynatrace Software Intelligence platform can elevate the capabilities of federal agencies to increase visibility into threats.
Using software intelligence from Dynatrace, agencies can establish observability that spans applications, infrastructure, and user experience, including the latest open-source standards, such as OpenTelemetry. Dynatrace automatically and continuously observes and captures all data from logs, metrics, and end-to-end traces along with user experience and context data generated from tools that support the complete catalog of agency tasks and strategic actions.
For example, Dynatrace Real User Monitoring automatically detects Content Security Policy (CSP) violations, providing insights into potential frontend application attacks, such as cross-site scripting.
Implementing a zero-trust architecture
As stated in the order, zero-trust “eliminates implicit trust in any one element, node, or service, and instead requires continuous verification of the operational picture via real-time information from multiple sources to determine access and other system responses. In essence, a zero-trust architecture allows users full access, but only to the bare minimum, they need to perform their jobs. If a device is compromised, zero trusts can ensure that the damage is contained.”
Dynatrace’s software intelligence directly supports zero trust, allowing teams to define their “protect surface” by identifying and classifying every app and user regardless of where they exist. It will automatically detect anomalous and potentially threatening activity to help agencies enforce the principles of least privilege, network segmentation, and proper configuration.
The least privilege enforcement relies upon Dynatrace’s end-to-end observability of the entire cyber ecosystem, so agencies can develop a comprehensive risk map. They must grasp “what is talking to what” throughout their systems enterprise-wide. – before they even get started.
Establishing a partnership with the private sector
The order states, “The private sector must adapt to the continuously changing threat environment and ensure its products are built and operate securely and partner with the Federal Government to foster a more secure cyberspace.” At Dynatrace, we could not agree more. In fact, we consider this partnership as our patriotic duty, which is why we obtained FedRAMP authorization at the Moderate Impact Level for the complete Dynatrace Software Intelligence Platform.
Lack of visibility into modern, cloud-native architecture represents a security threat – a national security threat. When an adversary threatens to shut down communications between a command base and flight team – or interrupt the distribution of COVID-19 vaccine supplies – we are reminded of how so much depends upon the defense of the government’s systems and digital assets. The technology sector commands the expertise and skillsets needed to work with federal leaders as devoted partners to anticipate and entirely avoid these scenarios. Our expertise and passion for ongoing discovery can immediately augment agencies’ existing tactical knowledge.
Dynatrace remains steadfast in its dedication to providing federal agencies with the automatic and intelligent observability they need to develop the most highly secured and capable cyber ecosystem for the government. We embrace the executive order and look forward to working with our federal customers to fulfill its directives.
To learn more about how Dynatrace can simplify the complexities and challenges of federal cloud migration projects to accelerate your journey to the cloud while automating operations and optimizing performance, check out our webinar. Ready to discuss in-depth how Dynatrace can help your agency? Please contact us.