Building on the May 2021 Cybersecurity executive order, Office of Management and Budget (OMB) memorandum M-22-09 sets out ambitious timelines for Federal agencies to improve cybersecurity. However, many agencies may be closer than they realize to the mandates laid out in M-22-09, particularly regarding multifactor authentication (MFA). […]

Following up on the May 2021 executive order (EO), which requires Federal agencies to adopt zero trust, the Office of Management and Budget (OMB) issued memorandum 22-09 (M-22-09) in January 2022. It sets forth a Federal zero trust architecture strategy, requiring agencies to meet specific cybersecurity objectives by the end of 2024. M-22-09 also provides specific direction for implementing identity-driven security measures such as multi-factor authentication (MFA) to prevent sophisticated online attacks. […]

Bryan Rosensteel has spent more than a decade working with identity in the Federal government. As a Federal solutions architect at identity services provider Ping Identity, he advises government agencies on best practices for deploying zero trust security architecture. When President Biden issued the Executive Order on Improving the Nation’s Cybersecurity (EO), Rosensteel was positively giddy about its potential to transform the way government secures data and operations. MeriTalk sat down with Rosensteel to explore the letter and the spirit of the EO, how centralized identity, credential, and access management (ICAM) can help agencies get to zero trust, and why agencies shouldn’t inherently trust anything – not even technology. […]

Richard Bird is an Army veteran and an internationally recognized identity-centric security expert who has been a CIO and CISO and the global head of identity for JP Morgan Chase. Now, he is chief customer information officer for Ping Identity. […]