Adopting a zero trust policy has become imperative for agencies aiming to safeguard their digital assets against increasingly sophisticated threats. It represents a true paradigm shift, away from traditional perimeter-based security models to a more dynamic, trust-never always-verify approach. One critical part of implementing zero trust is managing digital identity – ensuring that access to resources is securely managed and continuously...

Leaders across the federal government are under pressure to deliver on an ever-expanding mission with limited resources. Doing so requires the modernization of systems and processes to connect data, content, and applications to maximize existing infrastructure investments and enhance information availability, value, and security. With countless directives and executive orders on everything from cybersecurity and data sharing to improving the c...

Zero Trust (ZT) potentially transforms DoD Cybersecurity. ZT is a cybersecurity strategy wherein security policy is applied based on context established through least-privileged access controls and strict user authentication—not assumed trust. As the DOD explains in its roadmap, “there is one destination (zero trust) with many paths.” To that end, DOD’s Zero Trust strategy details 45 capabilities that support target lev...

State and local governments had to adapt quickly to the effects of the pandemic, as workers and residents alike were encouraged to shelter in their homes. This created major challenges for agencies’ IT systems and technical support staff. Rather than using a “hub-and-spoke” method of connecting employees to servers, data, applications, and each other – where cybersecurity focused on firewalls around the perimeter ...

Cybersecurity has always contended with evolving threats. As the internet has become more embedded into social and economic life and smart phones, tablets and other handheld devices become ubiquitous, bad actors have devised new attacks to capitalize on new vulnerabilities. And just as agencies are implementing zero trust architecture to help with this wave, other IT developments are threatening to upend cybersecurity even more. For instance,...

Zero-trust cybersecurity has been the Administration’s goal for a few years now. So that begs the question, what are the current and most pressing threats that are waging war against the zero-trust methodology? Join us online Wednesday, Feb. 7 from 2-2:50 p.m. ET/11-11:50 a.m. PT to hear from government and industry experts about the current threat landscape and what should be on your radar for 2024.

Imagine being entrusted with your organization's IAM. Your mission, should you choose to accept it: Strengthen security with Zero Trust Save time with automated IAM tasks Provide a great end user experience Join us for an immersive hands-on lab experience where you'll learn to master key IAM principles through Okta's Workforce Identity Cloud, including adaptive authentication, securing device access, automation of onboarding/offboarding, and i...

The cybersecurity slogan for zero trust is a simple one: Never trust, always verify. This slogan fits into the Department of Defense mindset, which is always focused on how to reduce risk, but it’s a challenge to apply it to the federal government’s largest agency. An important tool in pursuing zero trust is to implement microsegmentation – partitioning a network into small, isolated sections to reduce the attack surface in e...

In collaboration with ATARC, RavenTek will proudly demonstrate proficiency in the scenarios outlined by the Zero-Trust Working Group, as well as a few scenarios of our own, by harnessing the capabilities of industry-leading vendors. As we journey forward beyond this Phase 2 lab, RavenTek will continue to unveil novel scenarios and perpetually refine our architecture, reinforcing our position at the bleeding edge of zero-trust technology integration.

As agencies move to implement a zero trust architecture, the dispersed nature of their cloud-based and hybrid networks means more attention than ever must be paid to the security of Active Directory (AD), which administrators use to manage permissions and access to network resources by far-flung endpoints. Attackers can gain unauthorized access to a company’s data if Active Directory is compromised; monitoring your AD will help protect s...