Barry Duplantis, vice president and general manager of the North American public sector at Mattermost, said government agencies seeking to facilitate response to cyber incidents and maintain digital sovereignty should implement a self-hosted technical collaboration platform.
Duplantis wrote in a commentary published Monday on Federal News Network that such a collaboration platform could provide organizations a secure environment to centralize communications, content and technology tools that are needed to audit and respond to incidents.
“A self-hosted collaboration platform enables you to securely collaborate in real time, with lower risk of compromise. And if it’s an open source solution, you can customize security settings to protect data at appropriate impact levels (ILs) — for example, from IL4 for DoD-controlled unclassified data to IL6 for DoD classified data up to Secret level,” he noted.
Duplantis said digital sovereignty has become an imperative for agencies since it could help protect privacy, intellectual property and national security.
He discussed how collaboration platforms could back auditability by integrating all the data needed to perform a post-incident investigation and how customizable, digital playbooks could help automate workflows for incident response efforts.
Duplantis also cited some of the best practices for conducting a collaborative incident response, such as defining the audit’s objectives and developing the standards and criteria for assessing the incident.