Education Department CISO Steven Hernandez joined MeriTalk’s CDM Central: the Age of the Cyber Defenders virtual conference on May 12 to discuss how the Continuous Diagnostics and Mitigation (CDM) program and automation are impacting the agency. […]
In the wake of recent high-profile cyberattacks, IT experts gathered at MeriTalk’s CDM Central: The Age of Cyber Defenders virtual event on May 12 agreed that the Federal government needs to accelerate innovation when it comes to cybersecurity, and that includes implementing the Continuous Diagnostics and Mitigation (CDM) program, along with zero trust security concepts. […]
Federal Chief Information Security Officer Chris DeRusha explained today that the foundational elements of the Continuous Diagnostics and Mitigation (CDM) program are fundamental to moving Federal government network security to zero trust concepts and that implementation of the program only becomes more important as cyber threats increase. […]
Although zero trust has become a bit of a buzzword in the IT world, experts agree that zero trust is “foundational” to all security approaches and that foundation needs to continue to grow in tandem with emerging tech. […]
As Federal agencies look to modernize their cyber defenses and move to zero trust architecture, Trusted Internet Connection (TIC) 3.0 guidance will help push them along the path, with help from a zero trust use case that is in the pipeline, the TIC program manager said on April 29. […]
Senior Federal IT experts – including the current and former Federal CISO and the Pentagon’s top IT official – are expressing broad agreement that the necessary ingredients are at hand to begin implementing zero trust security concepts for government networks, and that the time to act is now. […]
While a clear majority of stakeholders in the Continuous Diagnostics and Mitigation (CDM) program believe that CDM is more important than ever in defending against cyber breaches, only a small fraction praise CDM for its ability to build civilian government network resilience following a breach. […]
Federal agency leaders agree that zero trust is a journey that will take time to implement but, with modern-day cyber threats, the sooner agencies implement zero trust the better. […]
As telework and cyber threats are both ever-increasing, the move to zero trust security concepts is needed as a generational shift in security strategy for Federal agencies to stay one step ahead of adversaries, cybersecurity experts said April 7 during FCW’s Zero Trust Workshop. […]
Back in December 2019, months before the COVID-19 pandemic hit, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) released a draft document of its Trusted Internet Connections (TIC) 3.0 guidance. […]
Cybersecurity experts stressed this week that Federal agencies must keep stay focused on future threats and on moving toward adoption of zero trust security concepts, although they acknowledged that the latter tasks is “easier said than done.” […]
The COVID-19 pandemic forced Federal agencies to shift to majority telework in a matter of days. Over the last 12 months, agencies have had to rapidly learn how to keep their networks secure in a new work environment. […]
The National Security Agency (NSA) has released Zero Trust security model guidance for organizations to boost security of sensitive data, systems, and services. […]
Officials from the Defense Department (DoD) and the Cybersecurity and Infrastructure Security Agency (CISA) said today that creating more effective defenses against sophisticated cyberattacks of the type used in the SolarWinds Orion hack may require further adoption of zero trust security concepts. […]
Beth Cappello, acting CIO at the Department of the Homeland Security (DHS), explained agency IT progress on a range of fronts on Feb. 10 at a virtual conference organized by FCW, including ongoing modernization efforts, implementing “SecDevOps,” and enabling implementation of zero trust security concepts. […]
Faced with evolving technologies, increased use of hybrid cloud infrastructures, and the continuing need to provide widescale telework capabilities, all Federal agencies should be looking at migrating to zero trust security concepts, experts from two agencies said this week. […]
The COVID-19 pandemic moved the zero trust network security model from a theoretical discussion in many government agencies to a priority, government and industry executives said Dec. 3 during MeriTalk’s virtual CDM Central conference. […]
Defense Information Systems Agency (DISA) Director Vice Adm. Nancy Norton said today she expects to release reference architecture documents “very shortly” for DISA’s planned implementation of zero trust security concepts. […]
Before the COVID-19 pandemic forced hundreds of thousands of Federal employees to remote work environments, zero trust was mainly a concept in the minds of cybersecurity experts that had not been fully actualized. But as telework has become the new normal, enabling zero trust capabilities is a key goal for various agencies. […]
With Federal agencies moving to the cloud and adapting to agency needs, the move away from a network-focused viewpoint compliments a zero-trust architecture, said IT officials from the Department of Homeland Security (DHS) and the Defense Logistics Agency (DLA). […]
Federal officials this week discussed how they can support new approaches like zero trust and SD-WAN in an efficient and secure way by leveraging the Enterprise Infrastructure Solutions (EIS) contract along with security requirements of the Trusted Internet Connections (TIC) 3.0 policy. […]
The National Cybersecurity Center of Excellence (NCCoE) is looking for industry partners to support its efforts to build exemplar zero-trust architectures that meet the standards set out by NCCoE’s parent organization, the National Institute of Standards and Technology (NIST). […]
As the seriousness of the coronavirus pandemic became apparent early this year, the first matter of business for the Federal government was simply getting employees online and ensuring they could carry on with their critical work and missions. This is a unique challenge in the government space due to the sheer size of the Federal workforce and the amount of sensitive data those workers require – everything from personally identifiable information to sensitive national security information. And yet, the Department of Defense, for one, was able to spin up secure collaboration capabilities quite quickly thanks to the cloud, while the National Security Agency recently expanded telework for unclassified work. […]
Department of Homeland Security (DHS) Deputy Chief Technology Officer Brian Campo said that DHS has finalized the final draft of a two-year roadmap for adoption of the zero trust security model. […]
Across several agencies with the Department of Defense (DoD), building a zero-trust architecture to secure IT systems is becoming the strategy of choice for agency leaders as several confirmed efforts to transition over from a traditional perimeter approach today. […]
The principal information technology advisor to the commander of the Army Corps of Engineers said today that his organization is using zero trust principles to secure systems, and finds zero trust especially compelling because the organization relies on outside parties to provide technology services. […]
The National Institute of Standards and Technology (NIST) launched the final version of Special Publication (SP) 800-207 Zero Trust Architecture on August 11. […]
At the Department of Defense (DoD), emphasizing a zero-trust security model is helping the agency overcome common security mishaps, Director of Defense Research and Engineering for Modernization Mark Lewis shared. […]
2020 marks the start of a new era in government IT. Federal, state, and local government IT leaders are quickly scaling work from home support levels, despite many organizations lacking needed infrastructure and security controls for a perimeterless work environment. […]
The final version of National Institute of Standards and Technology (NIST) Special Publication 800-207 on zero trust could be released as soon as this month, with an opportunity for industry collaboration coming this fall, a NIST official confirmed today. […]