While zero trust may be the latest buzzword in cybersecurity, the security principles behind a zero trust architecture aren’t new. Adoption across the Federal government has been slow as agencies deal with legacy systems, budget issues, competing priorities, and a shortage of security experts. […]

The board of the Technology Modernization Fund (TMF) has been reviewing in recent days proposals from Federal agencies to help fund their efforts to move toward zero trust security architectures, according to Matt Hartman, who is Deputy Executive Assistant Director for Cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), and also a member of the TMF board.   […]

The cybersecurity executive order (EO) signed by President Joe Biden is requiring Federal agencies to make plans for implementing zero trust architectures to strengthen cybersecurity postures and the directive is being largely seen as a positive by agency experts. […]

The road to Federal agencies implementing zero trust security architecture – one of the overriding goals of President Biden’s cybersecurity executive order – leads unavoidably through completion of the transition to a network infrastructure that relies on all-IPv6 (Internet Protocol version 6) address protocols, Federal IT officials emphasized today. […]

Major Federal government IT and cybersecurity modernization plans – from the rapid deployment of zero trust architectures and 5G technologies to the adoption of IoT and smart infrastructures – depend upon a scalable, robust and agile network infrastructure as a foundation for such advances.  The Federal government has committed to the full transition to IPv6 as its basis for network modernization, and in November 2020, the Office of Management and Budget (OMB) issued a policy that outlined the strategic intent for the government to deliver its information services, operate its networks, and access the services of others using only IPv6. […]

The Defense Information Systems Agency (DISA) has issued a request for information (RFI) to assist the agency in efforts to procure tools, systems, and capabilities to assist in deploying a zero trust Secure Access Service Edge (SASE) capability. […]

President Joe Biden and Vice President Kamala Harris submitted the President’s Fiscal Year (FY) 2022 budget request to congress which includes $715 billion of which is allocated for the Department of Defense (DoD) to bolster the Pentagon’s technological capabilities, among other objectives. […]

Anne Neuberger, the White House deputy national security advisor for cyber and emerging technologies who is a driving force behind the Biden administration’s cybersecurity executive order issued earlier this month, today noted an initial “disappointment” with Federal network hygiene in a follow-up discussion about the broader aims of the order. […]

The Defense Department’s (DoD) top cybersecurity official said at the RSA Cybersecurity Conference today that the agency’s current efforts to implement zero trust security concepts represent a “game changer” in the Pentagon’s network security efforts, but emphasized that traditional perimeter and layered defenses remain as important as ever in DoD’s big-picture security strategy. […]

The Defense Information Systems Agency (DISA) on May 13 released the initial Defense Department (DoD) Zero Trust Reference Architecture that aims to boost cybersecurity and “maintain information superiority on the digital battlefield.” […]

Federal agency progress in implementing the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program would benefit from a kick-start from Congress in the form of more funding for the program, along with money for agencies that have to pay for the additional security capabilities on an ongoing basis. […]

Education Department CISO Steven Hernandez joined MeriTalk’s CDM Central: the Age of the Cyber Defenders virtual conference on May 12 to discuss how the Continuous Diagnostics and Mitigation (CDM) program and automation are impacting the agency. […]

In the wake of recent high-profile cyberattacks, IT experts gathered at MeriTalk’s CDM Central: The Age of Cyber Defenders virtual event on May 12 agreed that the Federal government needs to accelerate innovation when it comes to cybersecurity, and that includes implementing the Continuous Diagnostics and Mitigation (CDM) program, along with zero trust security concepts. […]

Federal Chief Information Security Officer Chris DeRusha explained today that the foundational elements of the Continuous Diagnostics and Mitigation (CDM) program are fundamental to moving Federal government network security to zero trust concepts and that implementation of the program only becomes more important as cyber threats increase. […]

Although zero trust has become a bit of a buzzword in the IT world, experts agree that zero trust is “foundational” to all security approaches and that foundation needs to continue to grow in tandem with emerging tech. […]

As Federal agencies look to modernize their cyber defenses and move to zero trust architecture, Trusted Internet Connection (TIC) 3.0 guidance will help push them along the path, with help from a zero trust use case that is in the pipeline, the TIC program manager said on April 29. […]

Senior Federal IT experts – including the current and former Federal CISO and the Pentagon’s top IT official – are expressing broad agreement that the necessary ingredients are at hand to begin implementing zero trust security concepts for government networks, and that the time to act is now. […]

While a clear majority of stakeholders in the Continuous Diagnostics and Mitigation (CDM) program believe that CDM is more important than ever in defending against cyber breaches, only a small fraction praise CDM for its ability to build civilian government network resilience following a breach. […]

Federal agency leaders agree that zero trust is a journey that will take time to implement but, with modern-day cyber threats, the sooner agencies implement zero trust the better. […]

As telework and cyber threats are both ever-increasing, the move to zero trust security concepts is needed as a generational shift in security strategy for Federal agencies to stay one step ahead of adversaries, cybersecurity experts said April 7 during FCW’s Zero Trust Workshop. […]

Back in December 2019, months before the COVID-19 pandemic hit, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) released a draft document of its Trusted Internet Connections (TIC) 3.0 guidance. […]

Cybersecurity experts stressed this week that Federal agencies must keep stay focused on future threats and on moving toward adoption of zero trust security concepts, although they acknowledged that the latter tasks is “easier said than done.” […]

The COVID-19 pandemic forced Federal agencies to shift to majority telework in a matter of days. Over the last 12 months, agencies have had to rapidly learn how to keep their networks secure in a new work environment. […]

The National Security Agency (NSA) has released Zero Trust security model guidance for organizations to boost security of sensitive data, systems, and services. […]

Officials from the Defense Department (DoD) and the Cybersecurity and Infrastructure Security Agency (CISA) said today that creating more effective defenses against sophisticated cyberattacks of the type used in the SolarWinds Orion hack may require further adoption of zero trust security concepts. […]

Beth Cappello, acting CIO at the Department of the Homeland Security (DHS), explained agency IT progress on a range of fronts on Feb. 10 at a virtual conference organized by FCW, including ongoing modernization efforts, implementing “SecDevOps,” and enabling implementation of zero trust security concepts. […]

Faced with evolving technologies, increased use of hybrid cloud infrastructures, and the continuing need to provide widescale telework capabilities, all Federal agencies should be looking at migrating to zero trust security concepts, experts from two agencies said this week. […]

The COVID-19 pandemic moved the zero trust network security model from a theoretical discussion in many government agencies to a priority, government and industry executives said Dec. 3 during MeriTalk’s virtual CDM Central conference.  […]

Defense Information Systems Agency (DISA) Director Vice Adm. Nancy Norton said today she expects to release reference architecture documents “very shortly” for DISA’s planned implementation of zero trust security concepts. […]