“You can’t secure what you can’t see” is a common refrain in cybersecurity circles. It’s echoed in multiple Federal IT mandates, including the zero trust strategy and the event logging memo from the Office of Management and Budget. Gaining comprehensive visibility across agency networks, devices, applications, and identities is no mean feat in today’s diverse and ever-changing IT environments. […]

A new report from cloud security provider Zscaler titled The State of Zero Trust Transformation 2023 report finds that more than 90 percent of IT leaders surveyed are implementing zero trust architecture I connection with their cloud migration strategy over the next 12 months. […]

Federal agencies have until September 30, 2023, to report at least 80 percent of their IT systems through the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program, according to an OMB Federal Information Security Modernization Act (FISMA) guidance issued on Dec. 2. […]

A senior Defense Department (DoD) technology official this week explained how a robust cloud environment is an essential element to ensuring the successful implementation of the Pentagon’s software modernization strategy. […]

The Department of Defense (DoD) today released its long-anticipated zero trust strategy and roadmap outlining how the agency plans to fully implement a department-wide zero trust cybersecurity framework by fiscal year (FY) 2027. “What is significant about the strategy is that the strategy makes zero trust tangible and achievable while recognizing a dynamic and frankly, […]

Federal cybersecurity experts explained at a Nov. 8 ATARC event that the road to zero trust security is a long and often bumpy journey that their agencies at still learning to navigate, despite some being in the game for several years now. […]

The Defense Information Systems Agency (DISA) is well prepared to meet the Department of Defense’s (DoD) 2027 zero trust architecture goal, officials said on Nov. 7 at a DISA press conference. […]

The Defense Information Systems Agency (DISA) is on track to complete work on its Thunderdome Prototype zero trust security project by January 2023, an agency official confirmed on Nov. 7 at a DISA press conference.   […]

Federal agency leaders agree that zero trust security is the “bread and butter” of their agencies’ cybersecurity operations in order to best secure personal health information, where the stakes are high given the special sensitivity of that data. […]

Chris Cleary, the U.S. Navy’s principal cyber advisor, said that data is the fuel driving the implementation of zero trust security architectures, and said agencies moving in that direction need to meet the challenge of identifying data and protecting it. […]

Federal agencies are engaged in “a tremendous amount of work” to meet requirements to move to zero trust security architecture as laid out in President Biden’s cybersecurity executive order issued last year, even as some agencies are struggling with initial steps to begin that transition, a top Cybersecurity and Infrastructure Security Agency (CISA) official said Wednesday. […]

The term zero trust is often used as a buzzword, but Department of Veterans Affairs (VA) Chief Information Officer (CIO) Kurt DelBene said a successful organization will prioritize security above all else, and have zero trust baked into its workforce culture. […]

A new survey of several hundred cybersecurity professionals reveals that nearly two-thirds of their organizations are considering alternatives to virtual private network (VPN) infrastructure for providing remote access because of the technology’s vulnerability to sophisticated cyber attacks. At the same time, the vast majority of those organizations are moving to adopt zero trust security architectures to improve security. […]

The Department of Defense’s (DoD) new zero trust strategy outlines 90 capabilities that will help the department bring to bear its “targeted” zero trust framework across the entire department, said DoD Chief Information Officer (CIO) John Sherman. […]

The growing threat of cyber threat actors has underscored a need for Federal agencies to verify and authenticate everybody and everything accessing their network. […]

The Department of Defense (DoD) plans to implement a zero trust architecture across the entire department by 2027, and will soon release a detailed strategy on how it will get there, a DoD spokesperson confirmed to MeriTalk. […]

Lawrence Hale, who recently took over as Acting Deputy Assistant Commissioner for Category Management, Office of Information Technology Category at the General Services Administration’s (GSA) Federal Acquisition Service, explained today that his office’s fiscal year 2023 priorities focus on helping Federal agencies work toward easier cloud service adoption and continued progress in zero trust security migration.  […]

Randy Resnick, Director of the Zero Trust Portfolio Management Office within the Defense Department’s (DoD) CIO office, laid out the broad strokes of DoD’s zero trust security plans during a presentation on August 23 at the 930GOV event organized by Digital Government Institute. […]

As Federal agencies continue to build out zero trust architectures, they are increasingly focused on a critical component of any zero trust strategy: identity, credential, and access management (ICAM) solutions. […]

Government organizations worldwide are making a strong push toward adopting zero trust security architectures, and at a rate exceeding that of business organizations at last check, according to a new report from IT service management provider Okta. […]

The Federal government has come a long way with implementing zero trust security architectures, but Federal chief information officers (CIOs) and chief information security officers (CISOs) hope the future of zero trust is “instinctive,” and something that is naturally baked into agencies’ programming. […]

A senior Cybersecurity and Infrastructure Security Agency (CISA) official provided an update this week on agency-level activity in their migration toward zero trust security architectures mandated by President Biden’s 2021 cybersecurity executive order and subsequent guidance documents issued by CISA and the Office of Management and Budget (OMB). […]

The cultural and mindset shifts required to advance the migration by Federal agencies to zero trust security architectures are proving to be among the more stubborn areas of change in that sweeping effort, according to Angel Phaneuf, Chief Information Security Officer, at the U.S. Army Software Factory. […]

The Federal government’s march toward zero trust security architectures is well underway with guidance documents from several agencies. And while that guidance is crucial, Federal agencies cannot confine themselves only to the practices described in them, Federal experts said during an ATARC event on August 9. […]

MeriTalk spoke with Frank Dimina, senior vice president of Americas and public sector at Splunk, about the value of log data and how agencies can facilitate collection and analysis. […]

Gerald Caron, chief information officer (CIO) and assistant inspector general (IG) for information technology at the Department of Health and Human Services (HHS), said this week that sustainability and continuous authentication are two of the keys to creating a robust identity and access management (IAM) strategy as part of how Federal agencies move to comply with President Biden’s 2021 cybersecurity executive order that requires migration to zero trust security architectures. […]

Angelica Phaneuf, Chief Information Security Officer at the Army Software Factory, explained some of the steps that her organization has been taking to meet the needs of zero trust security mandates at an August 2 event entitled Securing Identity in a Zero Trust Environment and hosted by Federal News Network. […]

Ken Myers, the chief Federal ICAM Architect at the General Services Administration (GSA), explained today that the Federal Identity, Credential, and Access Management (FICAM) Architecture has similar goals to the Federal zero trust architecture (ZTA) strategy, with both of them emphasizing identity. […]

As Federal agencies work to mature zero trust environments and stay ahead of the next big threat, fusing AI with more traditional cybersecurity strategies may be key for progress. During a May webinar, two NVIDIA computing experts explained how the company has transformed itself in recent years into a full-stack firm, with a range of high-performance software applications. […]