Michael Crouse, director of enterprise data and user protection at Forcepoint, wrote in a GCN article published Monday that government agencies should invest in next-generation cybersecurity platforms, automate manual processes and understand user behaviors to address visibility gap in cloud environments and better manage privileged users.
“Robust automated tools can help agencies not only understand which employees require what level of access but also monitor and manage that access over time,” Crouse wrote. “Always-on enforcement can help them home in on risky behavior — without creating friction for users legitimately doing their jobs.”
Crouse discussed how behavioral analytics and other tools for monitoring user behavior could help agencies detect malicious user activities. He also cited how a zero trust architecture could benefit agencies.
“This modern, continuous-monitoring methodology derives user risk scores from a diverse set of unstructured and structured data applied to access-control points. The goal is to determine whether an individual is trustworthy at a given moment in time,” he said of zero trust. “The result is adaptive, risk-based security that gives agencies the strongest security where they need it most.”
He also tackled how a cloud access security broker could provide agencies better cloud visibility by enabling them to detect and monitor the use of applications in the cloud.
“Situated between the user and the cloud service provider, a CASB is designed to identify high-risk activities and enforce policies and controls for cloud applications. In the process, it can block account-centric threats, meet compliance requirements and protect sensitive data,” Crouse added.