In May, the President signed an Executive Order aimed at enhancing cybersecurity at Federal government agencies.\u00a0 Of its handful of mandates, migration of computing resources to the cloud is likely to have the most sweeping Federal impact. While Federal agencies are feeling the pressure to accelerate their plans to shift to the cloud, they understand that they need to do so with minimal disruption. In a recent\u00a0study conducted by MeriTalk and Fortinet, 70 percent of Federal IT decision makers believe that the majority of Federal agencies will rely on hybrid cloud environments to power core applications over the next decade.\u00a0Cloud Migration a Challenge to ManyThe number one challenge identified by Federal agencies in migrating to the cloud is expanding security measures and policies to cover cloud environments. To date, confidence is hard to find. Only 35% of Federal IT leaders believe that the security of their existing private cloud environments is excellent, and this drops to 21% for public cloud. They have similar concerns for the security of data that has to move between physical and virtual environments.\u00a0Visibility Needs to ImprovePart of the problem is that many Federal IT infrastructures already have significant security challenges. Traditionally highly complex Federal infrastructures will need to be reengineered before they can be successfully migrated to a cloud environment. As it stands now, only a third of Federal IT managers report having a high level of visibility into their existing network environments. Adding a cloud infrastructure without making significant changes is likely to reduce that visibility even further.\u00a0Agile Segmentation a Foundational NeedAs a result, architectural planning, with strong and agile network segmentation, needs to be prioritized. Rushing into such a migration and trying to solve overnight all of the architectural and security issues that have evolved over decades will just lead to more problems. Federal agencies need to start by establishing a planning and action horizon, and then steadily march toward it.\u00a0Consequence-Based Engineering is a Dimension of Risk ManagementThis process needs to start with identifying the specific bad consequences that they want to avoid, and engineering as many of them as possible out of Federal hybrid networks.\u00a0 What are the large data sets that cannot be compromised?\u00a0 What services need to be available with high confidence even in stressed conditions?\u00a0 What co-dependencies exist that cannot be broken?\u00a0 Intentional design and consequence-based engineering will always address far more security challenges than the traditional approach of simply trying to bolt additional security devices onto the back of the existing network. Commercial and Federal organizations need to start by assuming that persistent actors will penetrate their networks, and formulate architectures and objectives to achieve risk mitigations via consequence-based engineering.\u00a0Automation & Integration to Address the Problems of Speed & ScaleWe also need to thoughtfully apply advanced concepts from the commercial sector that implement automated cyber defense solutions tailored for hybrid cloud architectures.\u00a0 Developing and implementing integrated and automated cyber defenses will allow agencies to address the growing challenges they face due to increasing numbers of connected devices and related data volume. \u00a0Real-time, contextual-based threat intelligence combined with an information-sharing architecture allows agencies to address the challenges and concerns of protecting critical data and systems, along with intellectual property.\u00a0Hybrid Public-Private Clouds: A Secure Interim or Permanent SolutionThe good news is that some modern commercial security solutions are designed to enable a strategic migration to a cloud-centric environment. Careful planning and the implementation of security tools that can enforce security posture seamlessly across hybrid environments avoid forcing organizations to take an all-at-once or all-or-nothing approach to migrations.\u00a0In fact, there are options that not only enable agencies to keep government and citizen data safe, but can actually increase visibility and control, enable agile segmentation, and otherwise protect their systems at speed and scale, even in distributed and multi-cloud environments.\u00a0An OpportunityWe can no longer afford to relegate security to an afterthought, or implement it as a series of isolated security platforms. Agencies that are able to establish effective security integration between their physical and virtual environments over an integrated security fabric can more effectively integrate security, SIEMs and other analytic tools to centralize management and enable automation.\u00a0It\u2019s well within each Federal department and agency\u2019s reach to achieve hybrid cloud environments with the sort of broad visibility and granular controls that weren\u2019t realized with traditionally isolated security resources.\u00a0 It will enable the dynamic sharing and correlating of threat intelligence gathered from across the distributed network, and implement automation in order to make critical decisions at machine speeds. The Executive Order represents an opportunity to achieve both greater efficiencies and security postures, and is a critical step forward in securing the Federal governments critical cyber resources.\u00a0Learn more about Fortinet Federal and its solutions for Federal agencies.