While the zero trust security model has been widely recognized as an effective approach to preventing and mitigating data breaches, an official with the Cybersecurity and Infrastructure Security Agency (CISA) said this week there are several misconceptions Federal agencies have which make them skeptical about adopting the framework. […]

The Biden administration is asking for $300 million of additional money for the Technology Modernization Fund (TMF) in Fiscal Year 2023 – an amount that would backfill most of the $320 million that the fund has awarded to Federal agencies since it received its $1 billion infusion in the American Rescue Plan Act last year. […]

Federal agencies are emerging from a tough season of security vulnerabilities – SolarWinds and Log4j among them – knowing that bad actors are changing their game plans. At the same time, agencies are improving their cyber playbooks with zero trust guidance from the White House, the Office of Management and Budget (OMB), the Cybersecurity and Infrastructure Security Agency (CISA), and others. […]

Prompted by the White House executive order on cybersecurity, Federal agencies are accelerating their adoption of zero trust architectures. And according to Gerald Caron, chief information officer (CIO) and assistant inspector general (IG) for information technology at the Department of Health and Human Services (HHS), these models must include automation. […]

Federal chief information security officers (CISOs) today recommended that as Federal agencies implement zero trust security architectures they also put in place continuous training programs for their workforce to keep employees up to date on the technology and best practices. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has released a draft version of its Applying Zero Trust Principles to Enterprise Mobility for public comment. […]

Security, in the past, was built on fixed physical networks that allowed access to trusted individuals and kept untrusted individuals out. But, as Federal agencies transform their digital environments and increase remote work security measures had to evolve, making zero trust architectures the new norm and identity the new perimeter. […]

The National Security Agency (NSA) has released a cybersecurity technical report for its Network Infrastructure Security Guidance that features network infrastructure best practices, according to a March 1 release from the agency. […]

The National Security Telecommunications Advisory Committee (NSTAC) – a group of private sector experts that advises the White House on telecommunications issues that affect national security and emergency preparedness – is advising the Cybersecurity and Infrastructure Security Agency (CISA) to establish a dedicated Zero Trust Program Office. […]

The CIO Council is currently leading an effort, along with a multi-agency working group, to develop a new Zero Trust Playbook for agencies, according to Thomas Santucci, the director of the General Services Administration Data Center and Cloud Optimization Initiative Program Management Office (DCCOI PMO). […]

A Defense Information Systems Agency (DISA) official explained today how the agency is approaching work on its Thunderdome zero trust prototype project, along with associated identity, credential, and access management (ICAM) efforts, and said DISA expects to have further updates on those over the next several months. […]

The Office of Management and Budget’s (OMB) finalized zero trust directive issued last week sets the stage for the first steps in implementing zero trust security architectures at Federal agencies, but a lot more work remains in the pursuit of that goal, a panel of Federal security experts agreed during an ATARC virtual event on Feb. 1. […]

The final version of the Office of Management and Budget’s zero trust security directive issued this week drew strong praise from private-sector providers of security technologies to Federal agencies for its hard deadlines and firm direction to agencies on how to begin digging into the task of migrating toward zero trust architectures. […]

Ross Nodurft, executive director of the Alliance for Digital Innovation and former chief of the Office of Management and Budget’s (OMB) cybersecurity team, gave positive reviews to the final version of OMB’s zero trust security directive to Federal agencies, but also noted agencies’ ability to find funding to implement the strategy in the near term remains somewhat cloudy. […]

Today, the Office of Management and Budget (OMB) published the final version of its strategy that directs Federal agencies to migrate to zero trust security architectures. […]

Amid the blizzard of mounting security threats posed by sophisticated adversaries and increased attack surfaces spawned by large-scale telework, most Federal agencies are getting the message and moving strongly toward developing zero trust security architectures. […]

Private sector IT firms that supply Federal government agencies with advanced technologies acknowledged the minor trend toward better grades on the 13th edition of the FITARA Scorecard, but told MeriTalk they want to see the House Oversight and Reform Committee follow through on aims to align grading categories better newer Federal tech policies that steer toward better cybersecurity and modernization of legacy systems.  […]

Large numbers of private and public sector organizations have shifted to a zero trust architecture. Each organization takes a different approach to implement zero trust concepts. Still, the goal is to bring together emerging and existing technologies to ensure users and their staff experience is secure and effortless, Federal leaders said Jan. 18 during a Federal News Network virtual event. […]

General Dynamics Information Technology (GDIT) President Amy Gilliland talked about the vital role that system integrators play for Federal agencies, along with growing agency appetite for zero trust security technologies, during an address to the Northern Virginia Technology Council (NVTC) on Jan. 14. […]

One plus one still equals two, but when two providers of services vital to executing on the Federal government’s zero trust security migration mandate are the ones leveraging each other’s strengths, then the equation yields an extra boost through force multiplication. […]

Improving cybersecurity has become the key to better protecting critical infrastructure and meeting mission needs within the government space, but according to an official from the Government Accountability Office (GAO), Federal agencies still have a long way to go to be cyber-ready. […]

As identity management takes a front seat in agencies’ zero trust security journeys, Federal and industry leaders agree that the government’s Identity, Credential, and Access Management (ICAM) framework is an essential element to the application of zero trust architectures, along with consolidating ICAM approaches within agencies. […]

With 2022 just around the corner, MeriTalk is taking a month-by-month look at the most popular stories in Federal IT from 2021. […]

This year further brought IT to the forefront of many organizations’ strategies in 2021, but as Federal chief information officers (CIOs) look to 2022, strengthening their agency’s workforce and cybersecurity posture are their big priorities for the year ahead. […]

Federal Chief Information Security Officer Chris DeRusha said the Technology Modernization Fund (TMF) board – on which he sits – is looking to agencies that won awards from the fund earlier this year to pursue zero trust security projects to act as a group of pathfinders who can inform the zero trust transition work of other Federal agencies going forward. […]

To build an effective zero trust approach, emphasizing identity and privileged access management can help agencies minimize their attack surface and cyber risk, Federal officials said during ATARC’s zero trust summit on November 18. […]

President’s Biden executive order (EO) on improving the nation’s cybersecurity gave Federal agencies 90 days to develop a Zero Trust strategy among a slew of other deadlines. But according to an official from the Small Businesses Administration (SBA), communication remains a significant challenge in meeting this deadline. […]

The Biden administration issued its cybersecurity executive order (EO) in May 2021, giving marching orders to Federal agencies to move to zero trust security architectures, among other directives. During a SCGov panel discussion today, Federal chief information security officers (CISOs) shared how they’re leveraging their agency’s previous programs around zero trust to fulfill the obligations of the EO. […]