The CIO Council is currently leading an effort, along with a multi-agency working group, to develop a new Zero Trust Playbook for agencies, according to Thomas Santucci, the director of the General Services Administration Data Center and Cloud Optimization Initiative Program Management Office (DCCOI PMO). […]
A Defense Information Systems Agency (DISA) official explained today how the agency is approaching work on its Thunderdome zero trust prototype project, along with associated identity, credential, and access management (ICAM) efforts, and said DISA expects to have further updates on those over the next several months. […]
The Office of Management and Budget’s (OMB) finalized zero trust directive issued last week sets the stage for the first steps in implementing zero trust security architectures at Federal agencies, but a lot more work remains in the pursuit of that goal, a panel of Federal security experts agreed during an ATARC virtual event on Feb. 1. […]
The final version of the Office of Management and Budget’s zero trust security directive issued this week drew strong praise from private-sector providers of security technologies to Federal agencies for its hard deadlines and firm direction to agencies on how to begin digging into the task of migrating toward zero trust architectures. […]
Ross Nodurft, executive director of the Alliance for Digital Innovation and former chief of the Office of Management and Budget’s (OMB) cybersecurity team, gave positive reviews to the final version of OMB’s zero trust security directive to Federal agencies, but also noted agencies’ ability to find funding to implement the strategy in the near term remains somewhat cloudy. […]
Today, the Office of Management and Budget (OMB) published the final version of its strategy that directs Federal agencies to migrate to zero trust security architectures. […]
Amid the blizzard of mounting security threats posed by sophisticated adversaries and increased attack surfaces spawned by large-scale telework, most Federal agencies are getting the message and moving strongly toward developing zero trust security architectures. […]
Private sector IT firms that supply Federal government agencies with advanced technologies acknowledged the minor trend toward better grades on the 13th edition of the FITARA Scorecard, but told MeriTalk they want to see the House Oversight and Reform Committee follow through on aims to align grading categories better newer Federal tech policies that steer toward better cybersecurity and modernization of legacy systems. […]
Large numbers of private and public sector organizations have shifted to a zero trust architecture. Each organization takes a different approach to implement zero trust concepts. Still, the goal is to bring together emerging and existing technologies to ensure users and their staff experience is secure and effortless, Federal leaders said Jan. 18 during a Federal News Network virtual event. […]
General Dynamics Information Technology (GDIT) President Amy Gilliland talked about the vital role that system integrators play for Federal agencies, along with growing agency appetite for zero trust security technologies, during an address to the Northern Virginia Technology Council (NVTC) on Jan. 14. […]
One plus one still equals two, but when two providers of services vital to executing on the Federal government’s zero trust security migration mandate are the ones leveraging each other’s strengths, then the equation yields an extra boost through force multiplication. […]
Improving cybersecurity has become the key to better protecting critical infrastructure and meeting mission needs within the government space, but according to an official from the Government Accountability Office (GAO), Federal agencies still have a long way to go to be cyber-ready. […]
As identity management takes a front seat in agencies’ zero trust security journeys, Federal and industry leaders agree that the government’s Identity, Credential, and Access Management (ICAM) framework is an essential element to the application of zero trust architectures, along with consolidating ICAM approaches within agencies. […]
With 2022 just around the corner, MeriTalk is taking a month-by-month look at the most popular stories in Federal IT from 2021. […]
This year further brought IT to the forefront of many organizations’ strategies in 2021, but as Federal chief information officers (CIOs) look to 2022, strengthening their agency’s workforce and cybersecurity posture are their big priorities for the year ahead. […]
Federal Chief Information Security Officer Chris DeRusha said the Technology Modernization Fund (TMF) board – on which he sits – is looking to agencies that won awards from the fund earlier this year to pursue zero trust security projects to act as a group of pathfinders who can inform the zero trust transition work of other Federal agencies going forward. […]
To build an effective zero trust approach, emphasizing identity and privileged access management can help agencies minimize their attack surface and cyber risk, Federal officials said during ATARC’s zero trust summit on November 18. […]
Top cybersecurity officials from the Defense Department (DoD), Federal civilian agencies, and the private sector laid out their developing strategies for zero trust security migration, cloud adoption, and meeting requirements of the Biden administration’s Cybersecurity Executive Order at an October meeting of the Foundation for American Science and Technology (FAST). […]
President’s Biden executive order (EO) on improving the nation’s cybersecurity gave Federal agencies 90 days to develop a Zero Trust strategy among a slew of other deadlines. But according to an official from the Small Businesses Administration (SBA), communication remains a significant challenge in meeting this deadline. […]
The Biden administration issued its cybersecurity executive order (EO) in May 2021, giving marching orders to Federal agencies to move to zero trust security architectures, among other directives. During a SCGov panel discussion today, Federal chief information security officers (CISOs) shared how they’re leveraging their agency’s previous programs around zero trust to fulfill the obligations of the EO. […]
With cybercriminals becoming more sophisticated at disguising themselves as legitimate network users, a top Defense Department (DoD) IT official said this week that the Pentagon’s move to zero trust security architectures gives the agency a “fighting chance” to detect and eject hackers before they can do much damage. […]
According to a recently released Tripwire survey, most security professionals in the private and public sector described their zero trust security adoption as either progressing, or even well-developed, but also in need of more work. […]
The zero trust journey can present several challenges for organizations, with funding being just one of them, but Steven Hernandez, chief information security officer at the Department of Education, said the biggest hurdle he sees with zero trust comes down to cultural challenges. […]
Cloud security provider Zscaler said that its Zscaler Private Access (ZPA) service has received a provisional authorization to operate at Impact Level 5 as published in the Defense Department’s Cloud Computing Security Requirements Guide. […]
In addition to facing cyber threats from nation-states, both government and private organizations have been the victims of an increased volume of ransomware attacks from criminal organizations over the last two years. A Central Intelligence Agency (CIA) official emphasized this week that organizations need to be on the lookout for any suspicious activity on their systems in order to guard against the uptick in ransomware attacks. […]
As Federal agencies approach the six-month mark since President Biden issued his Cybersecurity Executive Order (EO) in May, Federal officials are pointing to the zero trust, supply chain risk management, and data aspects of the EO as the greatest opportunities to make a difference in shoring up security. […]
Five months after the debut of the Biden administration’s sweeping Cybersecurity Executive Order, Federal agencies are “highly engaged” in grappling with the order’s mandate for migration to zero trust security architectures, both on the planning and funding fronts. […]
With President Biden’s cybersecurity executive order (EO) directing Federal agencies to begin moving to zero trust security architectures, agencies already have begun to make the shift. However, progress on zero trust migration – which some Federal officials termed a “paradigm shift” at an ATARC webinar today – will look different for every agency. […]
When implementing a successful zero trust architecture, Federal chief information officers (CIOs) and chief information security officers (CISOs) encourage agencies to look towards modernization and to think of zero trust as an “integration architecture.” […]
As the Department of Defense (DoD) builds more artificial intelligence (AI) into its technology and operating procedures, the security of those technologies and the networks they operate will only increase in importance, said the director of the DoD’s Joint AI Center (JAIC) at the Billington Cybersecurity Summit on October 8. […]