As agencies strive to meet changing zero trust security requirements, an official from the Cybersecurity and Infrastructure Security Agency (CISA) said that he’s seeing an increased sense of urgency to implement those requirements to collectively move “the Federal fleet forward.” […]
Tags
Zero Trust
The General Services Administration (GSA) is working on a series of playbooks for Federal agencies to use as they proceed with implementing plans to migrate toward zero trust security architectures, and expects to begin releasing those within a couple of months, a senior GSA technology official said today. […]
A Defense Information Systems Agency (DISA) official said today that the next focus area for work on the agency’s Thunderdome zero trust prototype project is user convenience. […]
The Department of Education was one of three agencies to receive funding from the General Service Administration’s (GSA) Technology Modernization Fund (TMF) for Zero Trust services, and the agency’s chief information officer Steven Hernandez said the agency is prioritizing the control pillar of the zero trust architecture with the funds. […]
The modernization of identity, credential, and access management (ICAM) has long been critical to improving Federal agency cybersecurity, and is only becoming more urgent due to President Biden’s cybersecurity executive order (EO) and associated policy directives requiring agencies to move to zero trust security architectures, government officials said on April 19 at a virtual event organized by FedInsider. […]
When implementing zero trust security architectures, an official from the Department of Health and Human Services (HHS) said today that the real change is not a technology change, but instead a “cultural change” within the organization. […]
The long road to implementing zero trust security architectures may be driven by top-down policy directives and prioritizing technology pillars, but the art and science of communication and collaboration are showing up as vital inputs into organizing Federal agency technologists and network users to move toward the government’s zero trust goals. […]
The United States Special Operations Command (SOCOM) is hosting a Security at the Edge Cyber Challenge, with the multiple-phase challenge seeking to identify technologies that are capable of providing security-at-the-edge capabilities, according to a special notice posted on SAM.gov. […]
Federal agencies are continuing to work towards implementing zero trust security architectures, but which of the Office of Management and Budget’s (OMB) security pillars will take precedence in zero trust development? […]
Following mandates, Federal law enforcement agencies have begun taking steps to adopt a zero trust architecture. However, according to some IT officials from these agencies, challenges continue to arise as they continue to implement their zero trust architecture model. […]
Today every Federal agency is working to implement zero trust. Each will begin in a unique place that is dictated by its current cybersecurity posture, cybersecurity investments, and agency missions. Still, many questions must be answered as agencies plot their zero-trust journey. Which pillar in the Zero Trust Maturity Model is most urgent? Which data is more vulnerable to attacks? How do you find and classify the most sensitive information? […]
While the zero trust security model has been widely recognized as an effective approach to preventing and mitigating data breaches, an official with the Cybersecurity and Infrastructure Security Agency (CISA) said this week there are several misconceptions Federal agencies have which make them skeptical about adopting the framework. […]
The Biden administration is asking for $300 million of additional money for the Technology Modernization Fund (TMF) in Fiscal Year 2023 – an amount that would backfill most of the $320 million that the fund has awarded to Federal agencies since it received its $1 billion infusion in the American Rescue Plan Act last year. […]
Federal agencies are emerging from a tough season of security vulnerabilities – SolarWinds and Log4j among them – knowing that bad actors are changing their game plans. At the same time, agencies are improving their cyber playbooks with zero trust guidance from the White House, the Office of Management and Budget (OMB), the Cybersecurity and Infrastructure Security Agency (CISA), and others. […]
Prompted by the White House executive order on cybersecurity, Federal agencies are accelerating their adoption of zero trust architectures. And according to Gerald Caron, chief information officer (CIO) and assistant inspector general (IG) for information technology at the Department of Health and Human Services (HHS), these models must include automation. […]
Federal chief information security officers (CISOs) today recommended that as Federal agencies implement zero trust security architectures they also put in place continuous training programs for their workforce to keep employees up to date on the technology and best practices. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has released a draft version of its Applying Zero Trust Principles to Enterprise Mobility for public comment. […]
The Federal government has recently taken new steps towards creating a zero trust security environment, building on last May’s Executive Order on Improving the Nation’s Cybersecurity (EO) aimed at advancing the standards by which we protect our federal information system. […]
Security, in the past, was built on fixed physical networks that allowed access to trusted individuals and kept untrusted individuals out. But, as Federal agencies transform their digital environments and increase remote work security measures had to evolve, making zero trust architectures the new norm and identity the new perimeter. […]
The National Security Agency (NSA) has released a cybersecurity technical report for its Network Infrastructure Security Guidance that features network infrastructure best practices, according to a March 1 release from the agency. […]
The National Security Telecommunications Advisory Committee (NSTAC) – a group of private sector experts that advises the White House on telecommunications issues that affect national security and emergency preparedness – is advising the Cybersecurity and Infrastructure Security Agency (CISA) to establish a dedicated Zero Trust Program Office. […]
The CIO Council is currently leading an effort, along with a multi-agency working group, to develop a new Zero Trust Playbook for agencies, according to Thomas Santucci, the director of the General Services Administration Data Center and Cloud Optimization Initiative Program Management Office (DCCOI PMO). […]
A Defense Information Systems Agency (DISA) official explained today how the agency is approaching work on its Thunderdome zero trust prototype project, along with associated identity, credential, and access management (ICAM) efforts, and said DISA expects to have further updates on those over the next several months. […]
The Office of Management and Budget’s (OMB) finalized zero trust directive issued last week sets the stage for the first steps in implementing zero trust security architectures at Federal agencies, but a lot more work remains in the pursuit of that goal, a panel of Federal security experts agreed during an ATARC virtual event on Feb. 1. […]
The final version of the Office of Management and Budget’s zero trust security directive issued this week drew strong praise from private-sector providers of security technologies to Federal agencies for its hard deadlines and firm direction to agencies on how to begin digging into the task of migrating toward zero trust architectures. […]
Ross Nodurft, executive director of the Alliance for Digital Innovation and former chief of the Office of Management and Budget’s (OMB) cybersecurity team, gave positive reviews to the final version of OMB’s zero trust security directive to Federal agencies, but also noted agencies’ ability to find funding to implement the strategy in the near term remains somewhat cloudy. […]
Today, the Office of Management and Budget (OMB) published the final version of its strategy that directs Federal agencies to migrate to zero trust security architectures. […]
Amid the blizzard of mounting security threats posed by sophisticated adversaries and increased attack surfaces spawned by large-scale telework, most Federal agencies are getting the message and moving strongly toward developing zero trust security architectures. […]
Private sector IT firms that supply Federal government agencies with advanced technologies acknowledged the minor trend toward better grades on the 13th edition of the FITARA Scorecard, but told MeriTalk they want to see the House Oversight and Reform Committee follow through on aims to align grading categories better newer Federal tech policies that steer toward better cybersecurity and modernization of legacy systems. […]
Large numbers of private and public sector organizations have shifted to a zero trust architecture. Each organization takes a different approach to implement zero trust concepts. Still, the goal is to bring together emerging and existing technologies to ensure users and their staff experience is secure and effortless, Federal leaders said Jan. 18 during a Federal News Network virtual event. […]