White House targets security ‘paradigm shift’ with federal zero-trust strategy
January 31, 2022 – Published on Cybersecurity Dive
The Office of Management and Budget (OMB) gave federal departments and agencies until FY2024 to implement its zero-trust security goals, according to an announcement from the White House Wednesday. The model agencies will replicate was developed by the Cybersecurity and Infrastructure Security Agency (CISA).
All department and agency heads are assigned to implement zero trust is the latest step of the Biden administration’s federal cybersecurity strategy. The memo directs agencies to “internally source funding” in FY2022 and FY2023, or “seek funding from alternative sources,” to reach the priority goals of the memo. Alternative funding sources include the Technology Modernization Fund, the memo said.
Current cybersecurity efforts need funding. Eventually Matt Keller, GuidePoint Security’s VP of Federal Services, wants to see the government collaborate with system integrators to complement NIST’s risk management framework. The government could also leverage contract awards for executing more goals.
Zero trust has been a familiar concept in the security community for more than a decade, and “most places were doing a zero trust-lite,” Keller told Cybersecurity Dive by email. “Our adversaries will always poke at our strategies, and by releasing some of the details in the memo threat actors have information to create playbooks” on how the U.S. is developing its capabilities.
Read More HERE.