Ransomware, malware, phishing, DDoS, social engineering, zero-day exploit, botnets – the list of types of attacks out there is long enough to keep even the most seasoned cybersecurity expert awake at night. And with the increased use of remote computing, the cyber attack surface grows as more edge devices are added to networks. Creating a zero trust environment holds a lot of promise to provide significantly improved cybersecurity. In th...

The cybersecurity slogan for zero trust is a simple one: Never trust, always verify. This slogan fits into the Department of Defense mindset, which is always focused on how to reduce risk, but it’s a challenge to apply it to the federal government’s largest agency. An important tool in pursuing zero trust is to implement microsegmentation – partitioning a network into small, isolated sections to reduce the attack surface in e...

Cybersecurity is akin to the 20th century Cold War. On the one hand, bad actors – whether nation-states or common criminals – are constantly searching for new vulnerabilities and creating new tools to attack them. On the other, all government agencies and private sector companies are trying to remain alert and find new ways to fend off those attacks. Among the innovative ways agencies are responding to the ever-evolving threat land...

Embrace the next frontier in identity security We’re taking Navigate on Tour to a city near you. Navigate Government featuring iD.gov is the forum for identity practitioners to get first-hand insight into “what’s next” in identity security from a government perspective. Accelerate your identity security journey Navigate on Tour gives you the chance to share in how identity security is shaping your world from a governmen...

The 13th annual (ISC)² Security Congress 2023 will bring together cybersecurity professionals from around the world for industry-leading education, compelling keynotes, exclusive networking, inside-track career resources, exhibitor showcases and much more, delivered all under one roof at the stunning Gaylord Opryland resort. From expert advice to industry insights, hear from the profession’s most knowledgeable speakers and participa...

In collaboration with ATARC, RavenTek will proudly demonstrate proficiency in the scenarios outlined by the Zero-Trust Working Group, as well as a few scenarios of our own, by harnessing the capabilities of industry-leading vendors. As we journey forward beyond this Phase 2 lab, RavenTek will continue to unveil novel scenarios and perpetually refine our architecture, reinforcing our position at the bleeding edge of zero-trust technology integration.

The central premise of Office of Management and Budget Memo 22-09 laying out the Federal Zero Trust Strategy is that no actor, system, network, or service operating outside or within the security perimeter is trusted. Controlling access is everything. This makes defining identity crucial – not just for people, but for every device of any kind that tries to access an agency system. The strongest form of identity management is attribute-ba...

Office of Management and Budget (OMB) Memorandum M-22-09 requires “agencies to achieve specific zero trust security goals” and designates “Identity” as the first of five pillars from CISA’s zero trust maturity model. Additionally, M-22-09 provides specific actions for the Identity pillar that include, employing centralized identity management systems that integrate with agency applications and platforms; leveragin...

As agencies move to implement a zero trust architecture, the dispersed nature of their cloud-based and hybrid networks means more attention than ever must be paid to the security of Active Directory (AD), which administrators use to manage permissions and access to network resources by far-flung endpoints. Attackers can gain unauthorized access to a company’s data if Active Directory is compromised; monitoring your AD will help protect s...

The cybersecurity slogan for zero trust is a simple one: Never trust, always verify. States, localities, tribes and territories face the same cyber threats as the federal government, and many of their agencies are wrestling through how they can implement zero trust architectures. One of the most important elements in pursuing zero trust is implementing microsegmentation — partitioning a network into small, isolated sections to reduce the...