We’re pleased to announce Wiz for Gov is ‘in-process’ for a Department of Defense (DoD) Impact Level 4 (IL4) provisional authorization. This milestone reflects our commitment to defend Defense Industrial Base (DIB) and DoD cloud investments. A DoD IL4 provisional authorization proves a provider meets security requirements for processing and storing non-public, unclassified data, including controlled unclassified information (CUI). Wiz is thankful to our government sponsors, who continue to partner with us for the DoD IL4 and FedRAMP Moderate process.
Why Wiz for the DIB and DoD?
The defense sector is at the forefront of innovation, and the push to offer scalable capability for the warfighter and act in an agile manner is driving defense sector investments in the cloud. According to GovWin, ““97% of the total [DoD] cloud budget” ($2.0B) will be spent with commercial cloud providers in FY 2024. This is the highest total reported in three years compared to $1.5B in FY 2022 and $1.8B in FY 2023.” The expanding adoption of cloud services requires the DoD to embrace a new cloud security operating model that can handle the evolving threat landscape, the dynamic nature of the cloud, and complicated compliance requirements. Wiz is committed to partnering alongside the DoD to help secure the most critical cloud workloads against cyber-attack.
The cloud requires a new operating model for security
The adoption of cloud computing, while offering unparalleled flexibility and scalability, also introduces a new set of security risks that the DoD needs to protect against. In this dynamic environment, new cloud services are being introduced constantly, increasing the attack surface as the environment grows. From resource misconfigurations, emerging vulnerabilities, identity risks, exposed data, and more, DoD agencies and defense contractors running in the cloud need to ensure they can detect risks and effectively remove the critical ones before they are exploited. The cloud also adds new teams to the cloud security operating models, as developers and data scientists can launch new cloud resources in the click of a button, requiring them to understand how to secure their resources to effectively scale.
Compliance requirements are also evolving in response to these new risks, leading organizations across the defense ecosystem to outsource reporting and remediation for POA&Ms and CMMC (check out our take on CMMC).
These changes require organizations to adopt new strategies for cloud security, as well as new tools. Making Wiz available at IL4 will help the DoD adjust to this new operating model, scale security with its cloud environments, effectively focus on removing critical risks, and move to automated compliance. Existing solutions for vulnerability management do not adequately address security control assessor requirements or the true need for security in public clouds – Wiz does. Public sector and DoD agencies are interested in Wiz for the same reasons private and public companies worldwide are choosing Wiz, including more than 40% of the Fortune 100 companies. They want a solution that’s been built specifically to address how the cloud operates. They want a solution that prioritizes security issues so they can be addressed expeditiously. And they want a solution that enables collaboration among development and security teams.
With this milestone, Wiz for Gov is on track to help DoD customers secure everything they build and run in the cloud with the highest security standards to support their most critical missions. Hear more about how Wiz is helping the Navy secure their cloud environments in this case study with Strategic Business Systems (SBS). You can learn more about Wiz for Gov by visiting the Wiz for Government webpage. If you prefer a live demo, we would love to connect with you.