A senior Cybersecurity and Infrastructure Security Agency (CISA) official provided an update this week on agency-level activity in their migration toward zero trust security architectures mandated by President Biden’s 2021 cybersecurity executive order and subsequent guidance documents issued by CISA and the Office of Management and Budget (OMB).
The cultural and mindset shifts required to advance the migration by Federal agencies to zero trust security architectures are proving to be among the more stubborn areas of change in that sweeping effort, according to Angel Phaneuf, Chief Information Security Officer, at the U.S. Army Software Factory.
The Federal government’s march toward zero trust security architectures is well underway with guidance documents from several agencies. And while that guidance is crucial, Federal agencies cannot confine themselves only to the practices described in them, Federal experts said during an ATARC event on August 9.
Gerald Caron, chief information officer (CIO) and assistant inspector general (IG) for information technology at the Department of Health and Human Services (HHS), said this week that sustainability and continuous authentication are two of the keys to creating a robust identity and access management (IAM) strategy as part of how Federal agencies move to comply with President Biden’s 2021 cybersecurity executive order that requires migration to zero trust security architectures.
Angelica Phaneuf, Chief Information Security Officer at the Army Software Factory, explained some of the steps that her organization has been taking to meet the needs of zero trust security mandates at an August 2 event entitled Securing Identity in a Zero Trust Environment and hosted by Federal News Network.
The Defense Information Systems Agency (DISA) announced an extension of its Thunderdome Prototype zero trust security project, increasing the total length of the pilot program to 12 months with a new expected completion date in January 2023.
In the long march to implementing zero trust architectures (ZTA), Federal agencies have focused on managing user identity and made tremendous progress in implementing identity authenticators into their systems.
Ken Myers, the chief Federal ICAM Architect at the General Services Administration (GSA), explained today that the Federal Identity, Credential, and Access Management (FICAM) Architecture has similar goals to the Federal zero trust architecture (ZTA) strategy, with both of them emphasizing identity.
NASA is working through a unique set of challenges to implementing zero trust security architectures due to the age of some of its systems that tie back to launches decades ago of equipment in space that remains operable.
The U.S. Air Force AFNet Sustainment and Operations Branch – in collaboration with the Air Combat Command (ACC) Directorate of Cyberspace and Information Dominance and the Platform One team– is driving toward developing a modern software-based perimeter that will deliver zero trust capabilities to applications across the service branch, an Air Force official said.
The National Institute of Standards and Technology (NIST) National Cybersecurity Center of Excellence (NCCoE) has selected an 18th cybersecurity firm – PC Matic – to participate in its Implementing a Zero Trust Architecture (ZTA) project.
Join MeriTalk and Merlin Cyber on June 1 at 10 a.m. for our complimentary Zeroing in on Application and Data webinar, where government and industry IT experts will put the spotlight on the data and application pillars of the Cybersecurity and Infrastructure Security Agency’s (CISA) Zero Trust Maturity Model.
Implementing an effective zero trust architecture within an agency’s security framework has become pivotal to achieving cyber resiliency within the Federal government. But to be successful in the implementation of a zero trust architecture there are several elements agencies must keep in mind, according to several cyber experts.
Nearly two-thirds – 63 percent – of Federal mission and IT officials surveyed earlier this year believe their agencies are on track to meet the Office of Management and Budget’s zero trust security targets by the end of Fiscal Year 2024, according to new research published today by General Dynamics Information Technology (GDIT).
The Defense Information Systems Agency’s (DISA) Thunderdome zero trust project, along with associated identity, credential, and access management (ICAM) efforts, is currently in the process of standing up capabilities in a lab setting before testing it in fielded networks and eventually doing an operational assessment this fall.
A Defense Information Systems Agency (DISA) official said today that the next focus area for work on the agency’s Thunderdome zero trust prototype project is user convenience.
Federal agencies are continuing to work towards implementing zero trust security architectures, but which of the Office of Management and Budget’s (OMB) security pillars will take precedence in zero trust development?
Federal agencies are showing urgency and pushing hard to meet challenging zero trust security implementation deadlines following rollout of the Office of Management and Budget’s (OMB) zero trust strategy in January, government and industry experts agreed during a March 15 webinar hosted by MeriTalk and Merlin Cyber.
Federal Chief Information Security Officer Chris DeRusha gave a relatively upbeat assessment today on strides that Federal IT leadership and agencies have been making on implementing the Cybersecurity Executive Order that the Biden administration issued ten months ago.
Gerald Caron, CIO and assistant inspector general for information technology at the Department of Health and Human Services (HHS) Office of the Inspector General (OIG), said today he wants Federal agencies to move away from looking at zero trust as a checklist and instead focus on its practical effectiveness to prevent cyberattacks.
As Federal agencies embark on their years-long transition to zero trust security architectures, the technologies feeding into network endpoint security loom large on the list of essential pillars upon which zero trust relies.
A Defense Information Systems Agency (DISA) official explained today how the agency is approaching work on its Thunderdome zero trust prototype project, along with associated identity, credential, and access management (ICAM) efforts, and said DISA expects to have further updates on those over the next several months.
Amid the blizzard of mounting security threats posed by sophisticated adversaries and increased attack surfaces spawned by large-scale telework, most Federal agencies are getting the message and moving strongly toward developing zero trust security architectures.
The Defense Information Systems Agency (DISA) announced that it has awarded Booz Allen Hamilton a $6.8 million contract to implement a Thunderdome Prototype—which will be DISA’s zero trust security and network architecture.
Digital transformation in the Federal government is shifting the focal point of security to the user and device – not the data center. As Federal IT leaders look to keep pace with new modernization and cybersecurity requirements, they need platforms and capabilities that support fresh approaches to security and data.
Large numbers of private and public sector organizations have shifted to a zero trust architecture. Each organization takes a different approach to implement zero trust concepts. Still, the goal is to bring together emerging and existing technologies to ensure users and their staff experience is secure and effortless, Federal leaders said Jan. 18 during a Federal News Network virtual event.
One plus one still equals two, but when two providers of services vital to executing on the Federal government’s zero trust security migration mandate are the ones leveraging each other’s strengths, then the equation yields an extra boost through force multiplication.
As agencies accelerate efforts to move to secure cloud services and zero trust architecture in line with the requirements of the Biden administration’s executive order on cybersecurity (EO), many are challenged to close visibility gaps and blind spots in their technology environments. In a MeriTV interview, Sean Connelly, program manager for Trusted Internet Connections at the Cybersecurity and Infrastructure Security Agency (CISA), and Michael Dickman, chief product officer at cloud visibility and analytics firm Gigamon, assessed those visibility gaps and what it will take to close them – ensuring that data is secure across physical, virtual, and cloud networks.
As identity management takes a front seat in agencies’ zero trust security journeys, Federal and industry leaders agree that the government’s Identity, Credential, and Access Management (ICAM) framework is an essential element to the application of zero trust architectures, along with consolidating ICAM approaches within agencies.
As a very busy 2021 comes to a close, it’s time to reflect on the past year and look forward with optimism to the possibilities of the new one that’s about to begin. Rounding the corner to 2022, MeriTalk asked several experts on the industry side of Federal IT for their predictions of what the next year will bring.