Acting Defense Department (DoD) CIO John Sherman said he has set his sights on generating faster progress on implementation of zero trust security concepts throughout DoD as a key follow-up to the agency’s success in facilitating rapid and widespread telework during the coronavirus pandemic.

[…]

cybersecurity

The year-plus of societal misery and dislocation wrought by the coronavirus pandemic has helped to deliver two mega-trends to the Federal government IT landscape that will far outlast the public health crisis. The first is the permanence of remote work, and second is the urgent need to evolve IT security to defend expanded attack surfaces against increasingly sophisticated adversaries.

[…]

telework
Air Force

The National Security Agency (NSA) has released Zero Trust security model guidance for organizations to boost security of sensitive data, systems, and services.

[…]

Sens. Susan Collins, R-Maine, and Jacky Rosen, D-Nev., are introducing legislation that will provide up to $15 billion in matching grants to increase access to broadband services in areas of the United States that are unserved by broadband meeting the Federal Communications Commission (FCC) minimum definition of that service.

[…]

cybersecurity

Officials from the Defense Department (DoD) and the Cybersecurity and Infrastructure Security Agency (CISA) said today that creating more effective defenses against sophisticated cyberattacks of the type used in the SolarWinds Orion hack may require further adoption of zero trust security concepts.

[…]

Beth Cappello, acting CIO at the Department of the Homeland Security (DHS), explained agency IT progress on a range of fronts on Feb. 10 at a virtual conference organized by FCW, including ongoing modernization efforts, implementing “SecDevOps,” and enabling implementation of zero trust security concepts.

[…]

cybersecurity

Federal agencies have made major changes in their approach to network security in the recent past, spurred by last year’s move to widespread telework, the implementation of Trusted Internet Connections (TIC) 3.0, and the desire toward zero-trust network security, a panel of agency officials and experts explained.

[…]

cybersecurity

Faced with evolving technologies, increased use of hybrid cloud infrastructures, and the continuing need to provide widescale telework capabilities, all Federal agencies should be looking at migrating to zero trust security concepts, experts from two agencies said this week.

[…]

With one of the most abnormal years of our lifetimes coming to an end, we look back at the top Fed IT moments of 2020. In a year with both a pandemic and an election, the government had to change the way it worked, ensure trust in election outcomes, and modernize on the fly.

[…]

cybersecurity

Federal officials this week discussed how they can support new approaches like zero trust and SD-WAN in an efficient and secure way by leveraging the Enterprise Infrastructure Solutions (EIS) contract along with security requirements of the Trusted Internet Connections (TIC) 3.0 policy.

[…]

NIST

The National Institute of Standards and Technology (NIST) launched the final version of Special Publication (SP) 800-207 Zero Trust Architecture on August 11.

[…]

NIST
FEMA

Zero trust is a simple concept – don’t trust anyone; verify everyone; do it continually – with a more complex goal of ensuring the right people have the right level of access to the right resources in the right context. The model has gained traction across industries, with giants like Google declaring that their internal private network is just as dangerous as the internet. The concept is also gaining momentum within Federal agencies.

[…]

Categories