The Cybersecurity and Infrastructure Security Agency released its second version of guidance for secure migration to the cloud.
CISA published its second release of the Cloud Security Technical Reference Architecture, which is intended to guide agencies’ secure migration to the cloud by defining and clarifying considerations for shared services, cloud migration and cloud security posture management, according to a June 23 news release.
“The updated Cloud Security TRA is a key step forward for each agency’s transition to the cloud environment," Eric Goldstein, CISA executive assistant director for cybersecurity, said in the release. "CISA and our partners will continue to provide expert, coherent and timely guidance to help agencies modernize their networks with sound cybersecurity and resilience to protect against evolving cyber adversaries."
The TRA strives to improve guidance to fulfill a key mandate under President Joe Biden’s executive order 14028 on improving the nation's cybersecurity, the release reported.
It is important to protect the cloud as nearly all sectors of business now utilize it, and Goldstein noted mitigating risk was the biggest motivating factor.
"While the TRA was developed for federal agencies, all organizations using or migrating to cloud environments should review this document and adopt the practices therein as applicable to most effectively manage organizational risk," Goldstein said in the release.
According to the release, he also added that making the country better able to handle a cyber attack if it came was the ultimate goal.
"As the nation’s cyber defense agency, CISA works collaboratively with our interagency partners to implement improvements that make our federal civilian agencies more resilient to cyber threats," Goldstein said in the release.
