Cloud security provider Zscaler said that its Zscaler Private Access (ZPA) service has received a provisional authorization to operate at Impact Level 5 as published in the Defense Department’s Cloud Computing Security Requirements Guide.
As a result, the company said, “government agencies and their contractors will be able to use Zscaler’s Zero Trust platform for systems that manage their most sensitive Controlled Unclassified Information (CUI) as well as unclassified National Security Systems (NSSs).”
The new authorization from DoD “underscores Zscaler’s deep commitment to Federal cybersecurity, and to supporting DoD organizations as they implement Defense Information Systems Agency’s (DISA) new Zero Trust cybersecurity reference architecture,” the company said.
“It also highlights Zscaler’s support of Federal agencies in their journey to meet TIC 3.0 guidelines and build zero trust plans required in the new Executive Order for Improving the Nation’s Cybersecurity, and the draft Federal Zero Trust Strategy,” it said.
“Zscaler is excited to achieve IL5 authorization to support our DoD customers and their respective missions,” commented Drew Schnabel, Zscaler’s Vice President of Federal. “This achievement demonstrates our commitment to secure service members and contractors at the highest data classification levels with zero trust security. This is a critical milestone in our journey to protect data and defend against our adversaries.”
Separately, Zscaler published a new report from the company’s ThreatLabz operation that found a three-fold increase in threats inside encrypted traffic based on analysis of encrypted traffic across the Zscaler cloud from January to September 2021.
“It’s now critical to inspect all traffic, on-premises and off, but many organizations still struggle to stop encrypted threats,” the report says. The publication covers what industries are being targeted most by encrypted attacks, the most common attack vectors, and how to stop encrypted attacks with a zero trust strategy.