The National Institute of Standards and Technology’s (NIST) National Cybersecurity Center of Excellence (NCCoE) is looking for feedback on the fourth version of its preliminary draft practice guide, Implementing a Zero Trust Architecture.  […]

Fresh off his induction into the 2024 class of Cyber Defenders, we were delighted to sit down for a half hour with Gary Barlet – who is public sector chief technology officer at Illumio – for a wide ranging talk about government cybersecurity needs, the criticality of the current zero trust security transition, and the multiple facets of artificial intelligence (AI) technology in the hands of both adversaries and network defenders. […]

Federal and industry cybersecurity experts said last week that transitioning to zero trust security architectures requires a “cultural shift” within organizations that are pursuing that goal.   […]

Following a record-breaking ransomware payout of $75 million this year, industry cloud security leaders warn that other ransomware attackers may become emboldened by other groups’ successes.   […]

The Department of Defense (DoD) is requiring its components and military services to meet target level goals of the Pentagon’s Zero Trust Strategy by fiscal year 2027. But for the U.S. Army, this goal is especially challenging given its unique and large-scale operational environment. […]

Federal civilian agencies are racing to meet the Biden administration’s Sept. 30 deadline to move toward zero trust principles. While the Department of Defense (DoD) has more time – until FY2027 – to address many of the core objectives in its zero trust strategy, all government sectors are keenly focused on modernizing security to guard against cyber threats that are growing in number and sophistication. […]

The Department of the Air Force’s (DAF) Office of the Chief Information Officer (CIO) has unveiled a new zero trust strategy to further safeguard critical assets and enhance resilience against emerging cyberthreats, the DAF CIO announced in a LinkedIn post on Tuesday. […]

The head of cybersecurity at the Defense Information Systems Agency (DISA) offered several updates this week on how DISA is streamlining its “mountain” of data to enable the agency to automate its cybersecurity activities and make key progress in its Thunderdome zero trust security solution. […]

Department of Defense (DoD) Chief Information Officer John Sherman will be stepping down from his post at the end of this month, the department announced today. […]

The Department of Defense’s (DoD) Office of the Chief Information Officer (CIO) on June 4 released new guidance to help defense agencies implement target and advanced levels of the DoD’s Zero Trust Strategy. […]

The National Security Agency (NSA) released a new Cybersecurity Information Sheet (CSI) on May 22 sharing the best practices for securing applications from unauthorized users and ensuring continuous visibility of the workload at any given time. […]

The Department of Homeland Security’s U.S. Secret Service component is making progress on identity, credential, and access management (ICAM) improvements that are at the core of its progress toward creating zero trust security architectures, the agency’s chief information security officer (CISO) said.  […]

The Defense Information Systems Agency (DISA) expects to roll out its Thunderdome program to 60 sites in fiscal year (FY) 2024 – thus far the agency has deployed the zero trust program to 23 sites, an agency spokesperson confirmed. […]

A review of the Defense Department’s component-level zero trust security implementation plans is painting a clearer picture of trends and challenges running through the three-dozen-plus plans – including the vital importance of proper funding for components, and achieving interoperability across component zero trust plans – to meet DoD’s 2027 zero trust deployment goal. […]

The National Security Agency (NSA) issued a cybersecurity information sheet (CIS) on April 9 detailing recommendations for maturing data security and enforcing access to data in transit and at rest. […]

Sean Connelly, who has been long been a prime mover on zero trust and other security policies for the Cybersecurity and Infrastructure Security Agency (CISA), will soon be leaving Federal government service to join cloud security provider Zscaler, the company confirmed to MeriTalk. […]

In the lead-up to the Adapt 2024 conference in Washington on April 16, we sat down with two senior Axonius Federal officials – Brian “Stretch” Meyer, Senior Director of Federal Engineering, and Kevin Jones, Senior Director of Federal Sales – to talk about how Federal agencies are grappling with zero trust security mandates, and how Axonius is helping them leapfrog some of the toughest obstacles to the goal of achieving better security. […]

How do Federal cyber practitioners adapt to an increasingly complex attack surface? Where do Federal security leaders turn to reimagine the future cyber landscapes? Find answers to both of those questions at Adapt 2024: Reimagining Our Federal Cyber Future – a one-day event that brings together IT, cybersecurity, and operations leaders to unpack the complex security challenges that face U.S. government agencies. […]

The Department of Defense (DoD) is on track to meet its 2027 zero trust cybersecurity framework goal, top Pentagon officials said this week. […]

The Department of Defense (DoD) officially approved zero trust implementation plans from all of its components last month, and the agency is now looking to focus on “minimum viable solutions” for the plans by tackling specific security-related issues each year. […]

The time when Federal IT leaders can prioritize cybersecurity more than user experience (UX) is over, according to State Department Chief Information Officer (CIO) Kelly Fletcher. […]

The Department of Defense (DoD) has officially approved zero trust implementation plans from all 41 of its components as it inches closer to its goal of implementing a zero trust architecture across the entire department by 2027. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is undergoing a large-scale modernization process with plans to migrate the majority of its legacy IT systems to a brand-new “greenfield solution” later this year, according to CISA Chief Information Officer (CIO) Robert (Bob) Costello. […]

As Federal agencies continue on their zero trust journeys, Federal officials on Thursday stressed the importance of being intentional with their cybersecurity tools and budgets in order to remain a step ahead of adversaries. […]

A top NASA official on Feb. 29 used a catastrophic visual to capture the challenge of securing both operational technology (OT) devices and IT in the push for zero trust. […]

The Department of Defense (DoD) is well on its way to implementing an enterprise-wide zero trust architecture following review of implementation plans from DoD organizations, the department’s zero trust lead said today, although the process has not been without its bumps in the road. […]

The head of IT at the Department of Justice (DoJ) today laid out how zero trust must be incorporated into the five strategic pillars of “good IT operations,” including enhancing cybersecurity and elevating the workforce.   […]

Zero trust security is a complex and moving target, but cybersecurity experts today explained how focusing on your people and instilling a culture of cybersecurity can help Federal agencies reduce zero trust complexity. […]

The government’s move to zero trust security is picking up speed, with Federal agencies facing an Office of Management and Budget deadline to meet specific zero trust goals by the end of fiscal year 2024. Peter Romness specializes in just this type of situation: the cybersecurity principal in the CISO Advisor’s Office at Cisco Systems has been helping government customers achieve their missions for nearly 35 years. In a recent interview with MeriTalk, Romness offered expert tips to agencies on how they can make faster progress – often with existing tools – in boosting cybersecurity and meeting the Federal mandates. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is moving to consolidate disparate zero trust security policy functions into a new single office at the agency. […]