Cloud computing has picked up major steam in the public sector since the Central Intelligence Agency moved to Amazon Web Services Inc. in 2014. While speed and efficiency of provisioning cloud infrastructure can take huge chunks of time and labor out of public sector operations, the formal approval to work with government agencies called Authority to Operate, or ATO, is not achieved with a simple swipe of the credit card. Tools built to expedite consent can aid public sector organizations in need of cloud computing solutions, as well as the enterprises vying to earn the government’s trust.

“If you listen to John Edwards, the CIO from the CIA, he talks about how the reason he loves the cloud is because it used to take the agency about a year to provision a server; now it’s a few minutes,” said John Wood (pictured, right), chief executive officer at Telos Corp., an information technology consulting company. “Well, that’s great, but if you can’t get your authority to operate — because that could take another 18 months — you’re not going to get the benefit of the cloud.”

Wood and Rick Tracy (pictured, left), chief security officer and co-inventor of Xacta IA Manager, spoke with John Furrier (@furrier) and Dave Vellante (@dvellante), co-hosts of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the AWS Public Sector Summit in Washington, D.C. They discussed cloud’s infiltration of the public sector and the challenges companies with lots of legacy face when moving to cloud. (* Disclosure below.)

Round-the-clock risk assessment

Telos owns and collaborates with IT services company Xacta Corp. The two have unveiled platforms Xacta 360 and Xacta.io to help customers understand their security posture and nab ATO quicker.

“The holy grail for us as security practitioners is all-around continuous monitoring of your underlying risk,” Wood said.

Xacta 360 helps speed up time to ATO with automated risk assessment and management. Xacta.io complements 360 with continuous compliance and monitoring in the cloud or on-premises through data analytics. Xacta.io is a versatile platform for any organization that wants to prioritize security tasks or anticipate attacks before they occur, according to Tracy.

“The point is not everyone has an ATO requirement, but everyone has a need to manage their risk posture,” he concluded.

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the AWS Public Sector Summit. (* Disclosure: Telos Corp. sponsored this segment of theCUBE. Neither Telos nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE