The Federal government has come a long way with implementing zero trust security architectures, but Federal chief information officers (CIOs) and chief information security officers (CISOs) hope the future of zero trust is “instinctive,” and something that is naturally baked into agencies’ programming. […]
Tags
Zero Trust
A senior Cybersecurity and Infrastructure Security Agency (CISA) official provided an update this week on agency-level activity in their migration toward zero trust security architectures mandated by President Biden’s 2021 cybersecurity executive order and subsequent guidance documents issued by CISA and the Office of Management and Budget (OMB). […]
The cultural and mindset shifts required to advance the migration by Federal agencies to zero trust security architectures are proving to be among the more stubborn areas of change in that sweeping effort, according to Angel Phaneuf, Chief Information Security Officer, at the U.S. Army Software Factory. […]
The Federal government’s march toward zero trust security architectures is well underway with guidance documents from several agencies. And while that guidance is crucial, Federal agencies cannot confine themselves only to the practices described in them, Federal experts said during an ATARC event on August 9. […]
MeriTalk spoke with Frank Dimina, senior vice president of Americas and public sector at Splunk, about the value of log data and how agencies can facilitate collection and analysis. […]
Gerald Caron, chief information officer (CIO) and assistant inspector general (IG) for information technology at the Department of Health and Human Services (HHS), said this week that sustainability and continuous authentication are two of the keys to creating a robust identity and access management (IAM) strategy as part of how Federal agencies move to comply with President Biden’s 2021 cybersecurity executive order that requires migration to zero trust security architectures. […]
Angelica Phaneuf, Chief Information Security Officer at the Army Software Factory, explained some of the steps that her organization has been taking to meet the needs of zero trust security mandates at an August 2 event entitled Securing Identity in a Zero Trust Environment and hosted by Federal News Network. […]
Ken Myers, the chief Federal ICAM Architect at the General Services Administration (GSA), explained today that the Federal Identity, Credential, and Access Management (FICAM) Architecture has similar goals to the Federal zero trust architecture (ZTA) strategy, with both of them emphasizing identity. […]
As Federal agencies work to mature zero trust environments and stay ahead of the next big threat, fusing AI with more traditional cybersecurity strategies may be key for progress. During a May webinar, two NVIDIA computing experts explained how the company has transformed itself in recent years into a full-stack firm, with a range of high-performance software applications. […]
NASA is working through a unique set of challenges to implementing zero trust security architectures due to the age of some of its systems that tie back to launches decades ago of equipment in space that remains operable. […]
By: Raghu Nandakumara, Senior Director, Head of Industry Solutions, Illumio From the Colonial Pipeline breach to the JBS ransomware attack, the past year has shown us that cyberattacks on U.S. critical infrastructure are more relentless, sophisticated, and impactful than ever before – and all too often threaten the economic stability and wellbeing of U.S. citizens. […]
The U.S. Air Force AFNet Sustainment and Operations Branch – in collaboration with the Air Combat Command (ACC) Directorate of Cyberspace and Information Dominance and the Platform One team– is driving toward developing a modern software-based perimeter that will deliver zero trust capabilities to applications across the service branch, an Air Force official said. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is aiming to issue the second version of its Zero Trust Maturity Model this summer, according to Eric Goldstein, CISA’s executive assistant director for cybersecurity. […]
The Technology Modernization Fund (TMF) today announced $94.94 million of new project funding to the U.S. Department of Agriculture (USDA), Department of Homeland Security (DHS), and Federal Trade Commission (FTC), to advance network security projects. […]
The White House’s Office of Management and Budget’s (OMB) zero trust memo issued earlier this year, M-22-09, directed Federal agencies to migrate to zero trust security architectures, but a White House official this week said agencies’ success in that effort will look different for the policy’s various directives. […]
The House Appropriations Homeland Security Subcommittee today approved a homeland security budget print for fiscal year (FY) 2023 that includes $2.93 billion for the Cybersecurity and Infrastructure Security Agency (CISA), representing a $334 million increase from FY2022 and a $417 million increase over the requested amount. […]
By Scott Ormiston, Federal Solutions Architect, Synack Within a single week in late March, the Biden administration both reissued the call for American companies to shore up their cybersecurity efforts in the wake of the Russia-Ukraine war, and requested nearly $11 billion in cybersecurity funding from Congress for the Federal government and its agencies for […]
As Federal agencies are working to make progress on President Biden’s cybersecurity executive order (EO) and implement zero trust security architectures, agencies and their leaders must have a tight handle on their zero trust implementation plans, an official from the Cybersecurity and Infrastructure Security Agency (CISA) said this week. […]
The enduring shift toward at least partial work-from-home arrangements for government employees is creating new workforce possibilities for many agencies, but also new challenges on the technology security front for both Federal and state and local governments, experts said this week. […]
The sweeping cyber EO that followed included 11 sections of guidance and mandates designed to push Federal agencies to improve their cybersecurity posture and modernize their infrastructure. Many of the mandates involve building a zero trust architecture, which requires users and devices to be authenticated and authorized before accessing the agency network, applications, and data. […]
MeriTalk recently sat down with Fortinet’s Jim Richberg, public sector CISO, Peter Newton, senior director, product marketing, and Fortinet Federal’s Felipe Fernandez, senior director, system engineering, to gain their insights into how Federal technology teams can integrate all of the components of a zero trust architecture to achieve holistic cybersecurity in a cloud, hybrid, or closed environment. […]
Join MeriTalk and Merlin Cyber on June 1 at 10 a.m. for our complimentary Zeroing in on Application and Data webinar, where government and industry IT experts will put the spotlight on the data and application pillars of the Cybersecurity and Infrastructure Security Agency’s (CISA) Zero Trust Maturity Model. […]
Chris DeRusha, who wears the dual hats of Federal Chief Information Security Officer (CISO) and Deputy National Cyber Director for Federal Cybersecurity in the Office of the National Cyber Director, charted some near-term policy goals on the security front during a keynote address on May 19 at MeriTalk’s Cyber Central May 2022 – Mission: Cyber Resilience in-person conference. […]
As President Biden’s cybersecurity executive order (EO) stretches past its first year, Federal agencies are at varied points in their progress on the EO’s orders. Federal leaders say it is important for agencies to approach the EO’s zero trust components strategically and understand their networks as they make the move to a zero trust architecture. […]
Implementing an effective zero trust architecture within an agency’s security framework has become pivotal to achieving cyber resiliency within the Federal government. But to be successful in the implementation of a zero trust architecture there are several elements agencies must keep in mind, according to several cyber experts. […]
Nearly two-thirds – 63 percent – of Federal mission and IT officials surveyed earlier this year believe their agencies are on track to meet the Office of Management and Budget’s zero trust security targets by the end of Fiscal Year 2024, according to new research published today by General Dynamics Information Technology (GDIT). […]
The National Institute of Standards and Technology (NIST) released a zero trust planning guide May 6 for Federal administrators that provides an overview of how the NIST Risk Management Framework (RMF) can be used to develop and implement a zero trust architecture (ZTA). […]
As President Biden’s landmark cybersecurity executive order (EO) approaches its first anniversary on May 12, new research shows that most Federal cybersecurity decision-makers solidly back the aims of the EO, but also think that its initial timelines to implement zero trust security are unrealistic. […]
The Federal government is making a big push toward zero trust security architectures, but with an abundance of guidance on what makes a zero trust architecture successful, the looming question for many Federal agencies is ‘where do we start?’ Randy Resnick, senior advisor for the Zero Trust Portfolio Management Office at the Department of Defense (DoD), believes the first step is planning. […]
As Federal agencies look to bring a zero trust security architecture to their disparate agencies and missions, resources are the main obstacle for agencies, the chief information security officer (CISO) for the Department of Homeland Security’s Information and Analysis (DHS I&A) division said today. […]