Cloud-native tools can democratise cybersecurity for the rest of us

As governments go digital, their exposure to cyberthreats also increases.

For Arizona Department of Administration (ADOA), the cloud has been key for the government office to quickly move citizen services digitally on a platform that already has security built in, said its State Chief Information Officer, J R Sloan, in an online case study.

Beyond just a means to modernise legacy systems, cloud services can simplify access to cybersecurity solutions for employees, said Cloudflare ASEAN’s Vice President, Kenneth Lai.

As ADOA does not have dedicated cyber staff, cybersecurity cloud solutions like Cloudflare’s are “high-powered” tools that “take little to no effort to deploy,” said Sloan in the case study.

Cloudflare offers a variety of technologies and tools, including DDoS mitigation, web application firewalls, API protection, bot management, and more.

With zero trust increasingly becoming a priority for the public sector, cloud-native solutions can ensure that zero-trust based policies can be consistently applied across the entire system architecture, enabling robust and holistic cybersecurity protection against malicious actors.

Tackling complexity – the enemy of security

The growing complexity of cybersecurity management can be as scary as the escalating threats themselves.

But robust cybersecurity does not have to be complicated, said Lai, adding that Cloudflare’s Zero Trust Architecture enables organisations to implement small-scale, simple projects that focus on securing users, applications, data, devices, networks and Internet traffic.

“This offers immediate benefits, creates early momentum and lays the foundation for broader transformation,” he explained.

As the platform helps to streamline and consolidate security controls, organisations can ultimately focus on what really matters in terms of executing the fundamentals of cybersecurity – instead of always being on their guard.

Lai called for a simplified approach with cybersecurity to enable teams to swiftly detect and respond to emerging threats, as well as to minimise potential damages.

Aside from ensuring simplicity on its platform, Cloudflare’s Zero Trust Architecture enhances data protection by controlling access at the user, device and network levels – making it ideal for sensitive government data, he added.

Cloudflare for government’s page highlights some fast and ready-to-use solutions for the public sector.

To subscribe to the GovInsider bulletin click here.

Load balancing key to seamless network traffic

The firm’s Zero Trust Architecture is also built to handle fluctuating workloads and varying data sensitivities with ease.

To enable seamless traffic routing for public sector organisations, Lai highlighted that load balancing across both public and private workloads is key.

Load balancing is a method to distribute network traffic equally across a pool of resources to support an application.

This is why Cloudflare has a global network distributed across 330 cities in more than 120 countries.

During the Covid-19 pandemic when global vaccination efforts were ongoing, Cloudflare helped a number of governments including US, Canada and Japan, to implement a virtual waiting room to manage peak traffic and prevent website crashes.

The ability to manage traffic efficiently enabled citizens to access essential services like vaccinations, said Lai.

To subscribe to the GovInsider bulletin click here.

Public sector collaborations on multiple fronts

Cloudflare has extensive experience servicing the public sector, catering to government agencies across the US, Europe and Asia, Lai said.

One of its public sector customers is Indonesia’s GovTech Procurement, which Cloudflare helped to secure the national digital commerce platform for procurement transactions.

Some key results achieved include centralising encryption and site security for over 600 tenant websites, mitigating different types of persistent attacks thereby improving availability and reducing unwanted origin server loads, and offloading static content to the global network for seamless website traffic flows.

Last year, the firm also clinched a US$7.2 million contract with the US national cybersecurity agency to secure the domain name system (.gov domain) for US government websites. To date, Cloudflare is servicing over 40 US federal government agencies.

On the regulatory and policy-making front, Cloudflare recently worked with the Cyber Security Agency of Singapore (CSA), alongside GovTech Singapore, Defence Science and Technology Agency (DSTA) and Singtel, to draft best practices for organisations to implement effective distributed denial-of-service (DDoS) mitigation strategies.

Lastly, on capacity-building, it is also working with the US government on public education and awareness about threats to civil society, best practices and resources developed to protect vulnerable communities.

One of their “impact projects” as Cloudflare calls it, is the Athenian Project launched to provide state, county, or municipal governments with security for election websites in the US.

In 2020, 229 state and local governments in 28 states tapped onto these resources to defend their election websites. As of last year, its usage among state and local government websites has increased by 48 per cent, said Lai.