The Cybersecurity and Infrastructure Security Agency (“CISA”) released the second version of its cloud security Technical Reference Architecture (“TRA”) several months ago. CISA is the country’s cyber defense agency that works with other interagency partners to improve cybersecurity. The purpose of the TRA is to outline the suggested approaches to data protection or cloud migration. The federal government is slowly transitioning to the cloud and the reference architecture is designed to provide guidance. The TRA also explains the considerations for shared services, cloud security posture management, and cloud migration.
It’s important to know how to securely migrate information to the cloud. There are important considerations when transferring information from one database to another one. Data migration can be a multi-faceted process that requires information evaluation. In other words, the information that is being transferred should be categorized based on its sensitivity – e.g., non-confidential, confidential, highly confidential. In that way, the data migration team can implement the necessary safeguards.
President Joseph Biden recently issued Executive Order 14028 called “Improving the Nation’s Cybersecurity” in an effort to support cybersecurity and safeguard critical infrastructures. The key points of the executive order are as follows: