Agencies increasingly rely on Software-as-a-Service (SaaS) platforms such as Salesforce for mission-critical functions, which offers them numerous benefits including flexibility, reducing upfront IT resource costs and delegating upgrades and patches to the provider. Using Salesforce does not remove the agencies’ responsibility for cybersecurity, however, and SaaS applications face their own risks, including misconfigurations, poor access...

Ever since the issuance of Executive Order 14028, issued in May 2021 to improve cybersecurity across the entire government by implementing a zero trust architecture, federal agencies have been hard at work to meet the requirement. Then, in October 2023 – less than 18 months later – a new executive order, 14110, was released on the “Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence.” These are...

In the dynamic realm of digital security, the necessity for advanced cybersecurity measures is paramount. Progressive companies committed to protecting their digital infrastructure should focus on supporting their employees’ professional growth by enrolling them in the Certificate of Competence in Zero Trust (CCZT) training. This specialized course provides an in-depth exploration of the Zero Trust framework, arming participants with cut...

In the realm of government cybersecurity, the Zero Trust framework stands as a beacon of defense against evolving threats. Central to its efficacy are the principles of identity and access management, which redefine traditional security paradigms. Zero Trust advocates for perpetual verification of users, devices, and resources, emphasizing a “never trust, always verify” mantra. Identity verification, facilitated by multifactor auth...

Federal agencies have been ordered to move toward zero trust architectures with alacrity, through Executive Order 14028 on improving cybersecurity and the Office of Management and Budget’s two memoranda, M-22-09 on meeting zero trust cybersecurity principles, and M-21-31 on improving investigative and remediation capabilities following cyber breaches. The Department of Homeland Security observed in its Zero Trust Implementation Strategy...

Zero Trust is a key component of every federal IT initiative and modernization effort. The Executive Order on Improving the Nation’s Cybersecurity, the CISA Zero Trust Maturity Model, the DISA Zero Trust Architecture, and various NIST guidance all include mission critical elements for zero trust implementation. Although the principles of Zero Trust are widely accepted, the implementation process is a detailed and time-consuming process....

Orca Security, in collaboration with Epoch Concepts, invites you to an exclusive cloud security workshop! This event aims to equip technology professionals like yourself with valuable insights into the intricacies of Cloud Posture Management and Cloud Workload Protection, emphasizing their crucial roles within a Zero Trust Architecture framework. During this workshop, you can expect to: Gain deep insight into Cloud Posture Management and Cloud...

The second annual virtual symposium will reflect the progress with ZT implementation. Hear from more than 20 different speakers representing government, industry, and academia who will share their perspectives and experiences. Learn about ZT implementation successes and other lessons learned that can help you whether you are just beginning with ZT or you are well along the path of ZT implementation.

Federal departments and agencies are making headway in meeting the requirements of Executive Order 14028, issued in May 2021, to strengthen their cybersecurity by implementing a zero trust architecture. To date, many agencies have made progress in areas like identity management and secure access. But the journey toward achieving a zero trust environment is different for every department. The challenges that civilian agencies must overcome are...