CISA Collaborating With White House on Forthcoming Zero-Trust Strategy

CISA Collaborating With White House on Forthcoming Zero-Trust Strategy

The White House is working on a strategy to boost organizations’ use of security systems that look for threats within networks, in addition to guarding the perimeter, according to a Cybersecurity and Infrastructure Security Agency official.


CISA Deputy Executive Assistant Director Matt Hartman said while working to create a model to guide federal agencies’ implementation of zero trust, as the practice is known, “we have partnered closely with [the National Institute of Standards and Technology], we have worked closely with [the National Security Agency] and others on this, closely with the White House as they're going to be putting out a strategy.”


Hartman participated in an event Meritalk hosted Tuesday on a May 12 Executive Order that gave agencies 60 days to develop zero-trust implementation plans, with a particular focus on cloud migration. 


He described a document CISA shared with agencies last week as an attempt to clarify the principles of zero trust and provide options for steps they can take in what is expected to be a long and ongoing process. 


The draft model CISA developed consists of five pillars— identity, device, network, application workload and data—with markers along three stages toward achieving a mature zero-trust architecture, Hartman said, stressing continual identity verification as core in a security system that assumes a breach has already happened.


“We've provided them with targets in each maturity stage,” he said, “so taking identity as an example, since it is widely accepted that optimizing identity is a major component to achieving zero trust, agencies will move from traditional, which includes the use of passwords or [multi factor authentication] and limited risk assessment, to advanced, which includes fully implemented MFA and some identity federation with cloud and on premises systems, to optimized, which really includes continuous ..

Support the originator by clicking the read the rest link below.