The U.S. Army Corps of Engineers is looking to enhance its cybersecurity efforts with zero trust security concepts, according to the Corps’ Chief Information Officer (CIO), Dovarius Peoples.
During a Sept. 23 NextGov event, Peoples said he believes the Corps’ is “adequately protected” against cyberattacks but stressed that an agency can “never be too protected.”
“We can always enhance the cybersecurity posture,” Peoples said during the event. “We’re beginning to look at things such as zero trust – the zero trust methodology and framework. We began to evolve that based off the presidential executive order, which also addresses IT as well as OT and zero trust is that methodology that’s going to take cybersecurity and how we integrate and operate to the next level.”
Back in July, Peoples said the Corps’ had already created a Zero Trust Playbook before the executive order (EO) came out, but said going forward the Corps’ is taking a hard look at how to implement the requirements in the EO and looking at zero trust from “all aspects.”
Peoples also said meeting end-users where they are currently and training them up will be key to properly integrate a zero trust architecture at the Corps, as well as leveraging shared services in that process.
“We’re never satisfied with the security posture,” Peoples said. “We are always aiming to strive to do better, to continue to enhance where we are and evolve, finding a good balance between mission and cyber, because that’s where the real balance comes into place. But you can never be too cyber secure and we’re always working to evolve our cyber posture.”
“Security is at the forefront of everything we do,” he added. “From an operational technology perspective, ensuring that we are properly secure really enhances how we protect on the back end our critical infrastructure, from a civil works perspective, as well as how we look at it from an Army perspective, DoD aspect as well too. So, definitely cybersecurity is at the forefront of everything we do.”