Agency modernization, expanding cloud deployments, and distributed workforces create new planes of privilege for adversaries to exploit. When designing the future state of The Defense Department's complex enterprise network, a least-privilege approach is critical to keep pace with adversaries and lower your attack surface. With users and devices now accessing critical information, systems, and applications from anywhere, the mindset must be to...

The increased risk of cyber-attacks targeting Operational Technology (OT) systems and third-party remote access has skyrocketed in our new hybrid world. Agencies working in converged IT/OT industrial environments must achieve complete visibility, security, and control of operations, and they must understand what third-party vendors (suppliers/contractors) and internal privileged users (operators/admins/remote workers) are doing with their acce...

In our rapidly changing digital world, agencies must evolve security strategies. A goal of Zero Trust is to create a security and network architecture that is dynamic, adaptable, and protected. The Executive Order on Cybersecurity has moved the term "Zero Trust" from a buzzword to a much-needed baseline for action planning around how we secure agency data and systems. Agencies must leverage Zero Trust principles to never trust, always verify,...