What CISOs Want to See From NIST’s Impending Zero Trust Guidelines


Cybersecurity at U.S. federal agencies has been running behind the times for years. It took an executive order by President Joe Biden to kickstart a fix across the agencies. The government initiative also serves as a wake-up call to enterprises lagging in getting zero trust up and running. 


Several organizations, including the Office of Management and Budget (OMB), the Cybersecurity and Infrastructure Security Agency (CISA) and the National Institute of Standards and Technology (NIST), responded to the president’s order with detailed guidance for federal agencies. The National Cybersecurity Center of Excellence issued how-to guides and example approaches to using a zero trust architecture.


The OMB gave federal departments and agencies until 2024 to implement zero trust. CISA has outlined five pillars for zero trust: identity, devices, networks, applications and workloads, and data. NIST plans to publish its guide in four phased volumes: summary; approach, architecture and security characteristics; how-to guides; and functional demonstrations. Cybersecurity experts are keeping a close eye on these, as they may provide definitive best practices and guidelines for rollouts.


Benefits of Following CISA’s Guidance


CISA pointed out that all this guidance does, and will, provide myriad benefits to organizations of all kinds, not just federal agencies.


The goals of the government’s zero trust push are familiar to chief information security officers (CISOs) steeped in the details of zero trust: 

