Security transformation is about more than technology
When it comes to an effective transition away from legacy technology systems to more modern, efficient security tools, organizations stand to gain the greatest benefits if they communicate the value of digital transformation in advance and implement the right changes.
Jeanette Manfra, Director of Government Security and Compliance at Google Cloud, which specializes in services ranging from data centers to backup technologies, said that a proactive mindset can help organizational leaders overcome obstacles that arise during a digital transformation.
During a keynote session at CyberTalks, the annual summit of security leaders from the government and private sector hosted by Scoop News Group, Manfra explained that effective buy-in from throughout a company, or government agency, can streamline both technology and other operations.
“Security practitioners in particular, whether real or perceived, can be blockers and not enablers,” she said. “And so one of the things that both working with customers and in my own experience, to try to help [organizations] understand is that digital transformation is much more than just those productivity goals. It is an actual security transformation, as well.”
Manfra, who previously worked in the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, said a shift to the cloud also liberates firms from security environments located on-premises. It’s the kind of shift that helps executives get away from a “digital fortress,” and opt instead for more agile strategies.
The benefits of a security transformation may also include a more trustworthy remote workforce, Manfra added during her virtual keynote. Google employees now are able to telecommute via untrusted networks without the use of a virtual-private-network, and access internal applications more quickly and securely. With the right set of tools, such as Google’s Beyond Corp., which is available for users outside Google, users can enjoy the benefits of a zero trust framework.
“It’s awesome,” she said.
An effective adjustment also occurs with the mentality that “there’s no such thing as absolute security.” Risk mitigation strategies, rather than an expectation of total risk elimination, underpin the move to modernization. Much of that mitigation also occurs as a result of automation, in which efficient tools reduce the burden on cybersecurity staffers.
Finally, Manfra encouraged viewers to not go through the security modernization process alone. Quality partnerships, such as Google’s relationships with Citrix, CrowdStrike and Tanium, have helped the company commit to transforming zero trust from a visionary idea to a reality.
“Last, but not least, demand a strong partnership with a cloud provider,” she said. “You have to base that on a shared understanding of risk and security objectives. At Google, we take security really, really seriously. … And we do it at scale, in a way that makes it available to so many more people than could have done it on their own.”
View the full video recording on demand, entitled “Cloud” on Day 4 of CyberTalks, at CyberScoop.
This article was produced by and underwritten by Google Cloud.