Cloud Safe Task Force

Attacks on the U.S. government’s cloud IT infrastructure, often perpetuated by nation state actors, have resulted in massive data breaches, affecting millions of records while also raising concerns about the use of cloud solutions in national security and other critical government operations. As more and more data migrates to the cloud, the attacks have escalated, raising concerns about deficiencies in cyber resilience and operational hygiene, especially in certification processes and dealing with known vulnerabilities.

The Cloud Safe Task Force is a collaborative initiative formed in 2023 by MITRE, the Cloud Security Alliance (CSA), and the Advanced Technology Academic Research Center (ATARC). Our mission is to safeguard the U.S. government's cloud infrastructure from threats and data breaches, focusing on national security and critical government operations.

The work of the Task Force centers on improvement in three areas—cybersecurity standards and practices, public sector cybersecurity policy, and governance and oversight.

In its first year, CSTF published three papers and hosted a series of events featuring panelists from government, industry, academia, and the nonprofit sector, including representatives from Microsoft, Google, IBM, Oracle, the Office of the National Cyber Director, USCYBERCOM, and more.

View the recording from our Nov. 2024 event, Reciprocity and ATO Process Reengineering, featuring Chris DeRusha, former federal Chief Information Security Officer. Save the date for our next event focused on Continuous Testing, Feb. 5, 2025.