The board of the Technology Modernization Fund (TMF) has been reviewing in recent days proposals from Federal agencies to help fund their efforts to move toward zero trust security architectures, according to Matt Hartman, who is deputy executive assistant director for Cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), and also a member of the TMF board.
The fund is flush with $1 billion of new cash from the American Rescue Plan Act and has loosened its usual repayment terms for project awards in an effort to put the new money to work quickly.
Last month, the fund asked Federal agencies to submit project proposals by June 2 and said it would give the highest priority consideration to proposals to modernize “high-priority” systems, improve cybersecurity, boost public-facing digital systems, and create cross-government services and infrastructure.
Speaking today during MeriTalk’s Accelerating Success – How to Meet the Requirements of the New Cybersecurity Executive Order webinar, Hartman urged Federal agencies to consider applying for TMF money to jumpstart efforts to move toward zero trust security architectures – one of the major goals of the Biden administration’s cybersecurity order.
“We reviewed three agency proposals just last Monday, focused on zero trust,” Hartman said.
The fund is administered by the General Services Administration with the help of the board, and Hartman said the board has “really focused on security” in its reviews of the last round of agency funding bids.
Also speaking on today’s MeriTalk webinar, former CISA Assistant Director of Cybersecurity Bryan Ware said the executive order was “super important” for improving public and private sector security, and said the Biden administration has assembled a very strong Federal government leadership team to deal with cybersecurity issues.
Ware, who is now president at Next5, said that available funding for Federal agencies to pursue zero trust could come from TMF or from the $650 million budget bump that CISA received for cybersecurity work earlier this year in the American Rescue Plan, but he also emphasized that more enduring sources of funding are needed.
“These are a great shot in the arm,” Ware said, “but we need long-term, enduring funding” to execute the vision of the executive order.
He also cautioned government agencies to be wary of embracing too many security products in their quest to migrate toward zero trust concepts and advocated that the government coalesce around just a few products so that data management will go more smoothly down the line.
Miguel Sian, Vice President of Technology at Merlin Cyber, explained during today’s webinar design principles of zero trust security architectures, and the role of numerous components including identity and access management, and encryption. He also talked about the executive order’s reliance on CISA to centralize endpoint detection and response capabilities and to conduct threat hunting across Federal agency networks.
For the whole story, please access MeriTalk’s complimentary webinar.