With President Biden’s cybersecurity executive order (EO) directing Federal agencies to begin moving to zero trust security architectures, agencies already have begun to make the shift. However, progress on zero trust migration – which some Federal officials termed a “paradigm shift” at an ATARC webinar today – will look different for every agency.
Several Federal government officials involved in migrating government agencies toward adoption of zero trust security principles agreed during a September 30 ATARC webinar that agencies need to first think through the goals of adopting zero trust architectures before undertaking technology deployments to get there.
The U.S. Army Corps of Engineers is looking to enhance its cybersecurity efforts with zero trust security concepts, according to the Corps’ Chief Information Officer (CIO), Dovarius Peoples.
Now that the Office and Management and Budget (OMB) and the Cybersecurity and Infrastructure Security Agency (CISA) have released their new directives for Federal civilian agencies to move to zero trust security principles and expanded cloud adoption, what are some near-term steps that Federal IT and cybersecurity officials should think about as they get ready to put those directives into action?
The Biden administration’s latest set of directives that aim to move Federal agencies toward zero-trust security architectures and more cloud adoption are receiving positive initial reviews from Federal IT officials, although leaving some to wonder where funding will come from for agencies to follow through on the directives.
The Office of Management and Budget (OMB) and the Cybersecurity and Infrastructure Security Agency (CISA) both published key draft guidance documents today that provide the next set of road maps for Federal civilian agencies to transition to zero trust security concepts over the next three years and to guide agencies to securely migrate to cloud services.
Nicolas Chaillan, the first-ever chief software officer (CSO) of the United States Air Force (USAF) and co-lead of the Department of Defense (DoD) Enterprise DevSecOps Initiative, announced his resignation today in a post on LinkedIn.
Like all Federal agencies, the Office of Personnel Management (OPM) is working on complying with President Biden’s cyber executive order (EO). To help comply with the EO and aid OPM’s modernization mission, the agency has funding requests out to the Technology Modernization Fund (TMF) Board to help OPM with the move to zero trust and cloud modernization, OPM CIO Guy Cavallo said August 31.
Ransomware attacks are on the rise and adversaries are developing more sophisticated cyberattacks, but Federal cyber experts agree that “the vast majority” of ransomware attacks active today can be prevented by good basic cyber hygiene practices.
The National Archives and Records Administration (NARA) is making bids with the Technology Modernization Fund (TMF) for funding that will help the agency improve cybersecurity and replace legacy systems that run high-value assets, said Sheena Burrell, NARA’s Deputy CIO, at a GovLoop event on August 19.
With the coronavirus pandemic continuing to provide a stubborn barrier to full-fledged office workplace returns for many Federal agencies, the Commerce Department’s chief information security officer (CISO) spoke on August 17 about paying attention to human-centric aspects of security in the development of next-generation workplaces.
An August 10 memo from Shalanda Young, acting director of the Office of Management and Budget (OMB), is providing instructions to Federal agencies about how to comply with security guidance of “critical software” as directed by President Biden’s executive order (EO) on cybersecurity issued in May.
The Government Accountability Office (GAO) published a fresh update on its priority open recommendations for the Department of Defense (DoD), showing that while the Pentagon has been busy trying to satisfy numerous prior recommendations from the watchdog agency, its overall to-do list from GAO is staying about the same because a steady stream of new recommendations are being added.
The Cybersecurity and Infrastructure Security Agency (CISA) released a new training guide to help IT professionals advance their careers in the Federal and state, local, tribal, and territorial cybersecurity communities.
Federal Chief Information Security Officer Chris DeRusha said today that working to update the Federal Information Security Management Act (FISMA) – and generate more useful Federal agency cybersecurity metrics as a result – are among his top priorities currently.
The White House released a National Security Memorandum (NSM) today containing a new set of actions aimed to strengthen cybersecurity efforts to protect United States critical infrastructure amid the growing number of cyber threats and cyberattacks.
The National Institute of Standards and Technology’s (NIST) National Cybersecurity Center of Excellence (NCCoE) has named 18 firms it will work with on NCCoE’s Implementing a Zero Trust Architecture Project.
Federal CISO Chris DeRusha said today that the ongoing solicitation of Federal agency bids for money from the Technology Modernization Fund (TMF) is drawing a lot of interest in security-related projects – one of the four primary areas that the TMF Board identified earlier this year as ones it would prioritize as it works to deploy up to $1 billion of new funding capacity from the American Rescue Plan Act.
Federal agency chief information security officers (CISOs) talked about several aspects of the Biden administration’s cybersecurity executive order (EO) during a July 15 FedInsider webinar in which they flagged steps agencies should be taking to meet the order’s requirements.
With President Biden’s cyber executive order (EO) guiding Federal agencies towards implementing zero trust architectures, the U.S. Army Corps of Engineers has already created a Zero Trust Playbook to help outline the change and create guidelines, the Corps’ CIO said today.