GovLoop

3 Keys for Federal Agencies Navigating Zero Trust Mandates

In today’s dynamic cybersecurity landscape, federal civilian agencies face persistent cyber threats. The traditional approach of establishing perimeter protections is no longer sufficient; the new standard for cybersecurity is synonymous with zero trust.

According to the Cybersecurity and Infrastructure Security Agency (CISA), zero trust is an approach that restricts access to data, networks and infrastructure to the bare minimum necessary, continuously verifying the legitimacy of such access. This involves creating micro perimeters around each application and its data, making it easier to contain and mitigate attacks within specific boundaries.

The concept of zero trust isn’t entirely new, but it has garnered more attention recently. Most notably, a January 2022 White House memo requires agencies to meet specific zero-trust strategy objectives by Sept. 30, 2024, the end of the fiscal year. That builds on a 2021 executive order that lauds zero trust’s protective capabilities: “The Zero Trust security model eliminates implicit trust in any one element, node, or service and instead requires continuous verification of the operational picture via real-time information from multiple sources to determine access and other system responses.”

However, despite the evident benefits, the transition to zero trust poses challenges. A year ahead of the deadline, a recent report found that only 67% of federal agencies felt confident about meeting it.

To assist agencies in this transition, CISA released the Zero Trust Maturity Model, Version 2.0, providing a baseline for access controls and guiding agencies in consolidating identity systems. This model breaks zero trust into five pillars: identity, devices, network, data, and applications and workloads, with a roadmap for each pillar to facilitate the transition.

Key solutions that agencies should keep in mind to help them comply with zero-trust guidance are:

Strategic Partners to Ensure Mission Success

Elevate your agency’s performance with mission-critical solutions. Redefining e-governance, VMware and Presidio Federal customize offerings to address cybersecurity challenges and fortify digital government operations, allowing agencies to seamlessly manage the cloud, proactively prevent threats, and enable a mobile workforce. Discover unparalleled excellence with VMware and Presidio Federal. Get started today at presidiofederal.com/partners/vmware.

  

Image by CoolVid-Shows from Pixabay
Exit mobile version