Good communication plays an outsized role in how highly federated government agencies – those with numerous component parts – will be able to implement different approaches to zero trust security rather than pursue one-size-fits-all policies, Federal government officials said today at ATARC’s Zero Trust Summit event in Washington.
Joe Franco, MeriTalk’s director of programs, moderated a panel discussion during which he asked Jodi Kouts, senior advisor for policy, IM-1, in the Office of the Chief Information Officer at the U.S. Department of Energy, how the highly federated agency is proceeding with its zero trust strategies.
“There’s not a one-size-fits-all,” Kouts said. “It’s really dependent on successfully deploying a bunch of different technologies through automation and orchestration, and using them together in a way that supports very specific applications and mission environment in order to successfully achieve that mission,” she said.
Kouts said the Energy Department is working to improve collaboration between its component organizations.
“One of the things that we realized is that we have to increase our collaboration … We have to communicate, we have to share some common guidance and common goals,” she said.
Conrad Bovell, branch chief, Cybersecurity Advisory and Strategy, Office of Information Security at the U.S. Department of Health and Human Services, talked about the importance of communications and through that process, finding that other departments are trying to solve similar problems.
He described the “joy that you experience when you recognize that there’s a specific area that is causing you a considerable amount of pain – because of budget, technology, resources – then all of a sudden you’re sitting in a discussion in our working group, [and] you’re introduced to an organization that is mature in that particular area and they’re explaining to you the challenges that they had.”