
As federal agencies work to modernize their IT infrastructure, they face a tangled web of challenges, from managing legacy architectures and tool sprawl to adopting artificial intelligence (AI) securely and preparing for post-quantum threats. Addressing these issues isn’t just a technical necessity; it’s a mission imperative.
MeriTalk recently sat down with Matt Marsden, senior director of technical solutions – federal at Palo Alto Networks, to discuss how platformization enables greater operational effectiveness, why crypto-agility matters now, and the practical steps agency leaders can take today to build an identity-aware, AI-ready, and quantum-resistant future.
MeriTalk: When federal leaders talk with you about network modernization, what problems are they really trying to solve – tool sprawl, hybrid work, multi-cloud complexity, workforce limits, or all of these?
Marsden: Absolutely all of the above. These issues are deeply interconnected, and federal leaders are trying to solve them both individually and holistically. But if you peel back the layers, the core challenge is reducing complexity to increase operational effectiveness. For years, our federal agencies and departments have bought best-of-breed point solutions – a tool for intrusion detection, another for protection, another for endpoint, cloud visibility, and so on. This results in a fractured infrastructure that really isn’t functional, and it creates an incredible level of complexity for the people who operate it.
One of the biggest impacts we see is in security operations centers, where analysts spend a tremendous amount of time manually correlating data across dashboards. That drives up workforce demands, costs, and risks. Ultimately, agencies want to simplify operations so they can focus on mission outcomes.
MeriTalk: From an agency’s point of view, what changes when network security, cloud security, and security operations are integrated instead of stitched together from point products?
Marsden: When everything is integrated from the ground up – what we call platformization – it eliminates the latency and context loss that can occur when point solutions are stitched together. With a platform approach, data flows seamlessly across the network, endpoint, and identity layers. That leads to significantly faster mean time to detect and mean time to respond – measured in seconds, not hours. Platformization also allows for shared context and high-fidelity data to better enable the AI systems that power operations. The outcome is a simpler, more effective security posture. Simplicity is critical because complexity is the enemy of security.
MeriTalk: Palo Alto Networks has a broad portfolio of FedRAMP-authorized services across network, cloud, and SecOps. How does that breadth of FedRAMP authorization affect what agencies can do architecturally when they set out to modernize and consolidate?
Marsden: Agencies used to rely on integrators or internal teams to stitch together point products and then go through the lengthy FedRAMP Authority to Operate process for cloud services, which could take 12 to 18 months per tool. By pursuing FedRAMP High and Moderate across our portfolio – Strata for network security, Prisma for cloud security and secure access service edge (SASE), and Cortex for SecOps – we enable agencies to adopt a code-to-cloud security stack immediately. That significantly reduces time to value. And we’re not asking agencies to rip and replace everything. Palo Alto Networks’ Next-Generation Firewalls are broadly deployed across government and commercial networks, so they provide a very stable base on which to build a modern security ecosystem. And because our systems are purposefully open, they can work with what’s already in place.
MeriTalk: Without getting into anything sensitive, can you walk us through a recent federal engagement where network modernization and consolidation made a tangible difference?
Marsden: Recently, a large agency faced significant workforce reductions and budget constraints. We worked with them to analyze their current infrastructure and design a modern architecture that helped reduce cost and complexity.
They had more than a dozen remote sites and work-from-home staff. They had significant costs in security appliances at those remote sites, as well as network infrastructure. We helped them transition to SASE while also using next-generation firewalls and software-defined networking. This eliminated redundant hardware and improved application performance and security for agency employees. It’s a great example of modernization delivering both financial and operational benefits.
MeriTalk: AI is both a new tool for defenders and a new attack surface. When agencies consolidate around an AI-powered platform, what can they do in terms of cyber detection and response, and securing AI workloads, that wasn’t possible previously?
Marsden: We’re at an inflection point where the speed of attack is outpacing the human capability to defend. Adversaries are using AI to quickly develop polymorphic malware that evades traditional signature-based tools. We’re combating this with precision AI capabilities in Cortex XSIAM – machine learning that analyzes petabytes of data across our ecosystem to identify subtle behavioral shifts. This increases detection fidelity across all of our customers. We’re also focused on shadow AI – the unauthorized use of AI tools – as well as the secure use of approved AI tools. Agencies are really struggling with this problem because AI is built into almost every application today. With Prisma AIRS, Prisma Browser, and AI Access, we can control which AI tools are used and how they are used. For example, we can prevent sensitive information from being copied, pasted, or shared. This is a massive issue, and we’re working hard to make secure AI manageable for federal agencies.
MeriTalk: Federal guidance is moving agencies toward post-quantum cryptography (PQC). How should agencies think about post-quantum-ready virtual private networks and crypto-agility as part of network modernization, rather than just another requirement?
Marsden: This isn’t a future problem – it’s a now problem. Adversaries are already harvesting encrypted data today, planning to decrypt it later with quantum capabilities. Fortunately, we’re seeing pretty broad awareness of the need to address this concern. But it can be a significant investment to uplift the network infrastructure to be post-quantum resistant or post-quantum ready.
Rather than rip and replace infrastructure, agencies can build crypto-agility into their modernization plans. Our next-gen firewalls are optimized for post-quantum readiness and can provide cipher translation – meaning even legacy applications that can’t be updated can still benefit from quantum-resistant encryption through the firewall. We take a discover, deploy, protect approach, starting with full visibility into what algorithms and encryption keys are in use, and then help agencies upgrade incrementally. It’s about enabling readiness without disruption.
MeriTalk: What are the two or three most practical steps that a federal chief information officer or chief information security officer can take in the next 12 to 18 months to set themselves up for an AI-ready, identity-aware, and eventually quantum-resistant network, without disrupting today’s mission?
Marsden: First, unify network and identity telemetry. Move away from legacy SIEMs and toward real-time, AI-ready platforms like XSIAM that ingest and correlate data across all sources. Second, adopt a platform approach to zero trust. A single SASE architecture that covers all users and devices simplifies the environment and reduces costs. It also makes future capabilities, such as PQC, a software update instead of a hardware rollout. And third, start your inventory for crypto-agility now. It costs almost nothing to discover all the cryptography and algorithms that are in use. That knowledge is the first step in targeting modernization priorities for post-quantum readiness.