Cybersecurity Resilience Framework Project

Georgia Technology Authority Enhances Security Posture  

Georgia Technology Authority (GTA) engaged TekStream to develop a cybersecurity resilience framework for their organization. The state agency wanted to migrate more workloads for GTA applications, along with those of the state agencies they support, to run on public cloud services like Amazon Web Services (AWS) and Microsoft Azure.  

GTA asked TekStream to create a framework that would help enhance its security posture while modernizing its operations to enable greater flexibility and agility. It was equally important for GTA to leverage TekStream’s guidance and expertise to determine which cloud environment and security policies best suited their workloads.

Technologies Involved

AWS Elastic Disaster Recovery Services (DRS)

AWS Cloud Services
AWS GuardRails
AWS Config
Microsoft Azure

AWS Advanced Tier Services

Key Pain Points

Current cybersecurity posture assessment needed to accommodate future change

Challenges in migrating workloads to AWS and Azure.

Balancing modernization with effective security policies.

Solution Objectives  

  • Prepare the organization for future public cloud migration and adoption
  • Provide recommendations to improve the holistic cybersecurity posture via
    • Cloud architecture
    • Cloud security
    • Governance
    • Process management
    • Technology
  • Review all GTA cloud strategy documentation  
  • Conduct discovery sessions with key GTA stakeholders and vendors
  • Document findings based on assessment results
  • Present and execute findings for GTA    

How We Fixed It  

TekStream worked with GTA resources to perform five structured assessments, targeting critical areas such as cloud architecture, cloud security, cloud governance, process management and technology. These assessments were designed to evaluate the current and desired future state of each domain, identifying gaps, risks, growth opportunities and cost savings. 

Leveraging the NIST framework alongside documentation and artifacts associated with GTA’s Cloud Brokerage Service, TekStream provided GTA with a framework focused on key dimensions of GTA’s cyber resilience strategy. Together, a roadmap was implemented for executing the recommendations based on level of priority and complexity as part of GTA’s cloud-first strategy.  

Key Successes

  • Refactoring the migration process, moving beyond lift and shift and modernizing services using AI/ML capabilities  
  • Enhancing the security controls of AWS accounts by implementing AWS Guardrail and AWS Config  
  • Mapping AWS Config conformance packs to align with regulatory compliance needs of each workload, improving visibility and automating security remediation  
  • Establishing proper IAM roles with the right KMS Key policy to minimize data exposure across agencies 
  • Implementing third-party security tools in addition to AWS built-in security services to enhance observability, patching, protection and remediation within cloud infrastructures 
  • Deploying a compliance scanner to ensure compliance requirements are consistently met  

About the Company

Customer: Georgia Technology Authority  

Industry: State Government Agency  

Revenue: $51,230,000 

Location: Atlanta, GA