After decades of delay, cybersecurity has become a defining issue for the United States. In response, when the White House laid out its zero trust requirements in January 2022, it set an ambitious goal – that all agencies have their zero trust infrastructure in place before October 1, 2024. This is because of the reality of the digital age: a persistent threat environment is the norm in the IT world, and agencies have to assume they...

Cyber attacks are on the increase across all levels of government – and state and local governments are often targeted because they have fewer resources for security. For instance, an October 2022 survey found that more than half of state and local governments faced ransomware attacks in 2021, and just one in five organizations successfully stopped the attack. Strengthening the security and resilience of these agencies’ systems req...

The entire concept of zero trust can be boiled down to four words – never trust, always verify. But short, simple statements usually have a lot of moving parts to make them reality. When the Office of Management and Budget issued its Federal Zero Trust Strategy in January 2022, it set the end of Fiscal Year 2024 – September 30, 2024 – as the completion date for a host of cybersecurity standards and objectives to be completed...

The state of Colorado is undertaking a top-to-bottom modernization of its IT infrastructure, aimed at achieving what the Governor’s Office of Information Technology describes as four "wildly important goals." Four major initiatives (tech transformation, broadband access, digital government services, and enhanced employee engagement) are intended to deliver more and better digital services that improve residents’ lives and increase...

The emphasis on implementing zero trust architectures throughout federal networks is intended to reinforce the Government’s defenses against increasingly sophisticated and persistent threat campaigns. This focus represents a major step forward in strengthening agencies’ cybersecurity – and provides the opportunity to enhance cybersecurity within those networks through microsegmentation. Application segmentation is a component...

When the White House issued Executive Order 14028, “Improving the Nation's Cybersecurity” in May 2021, it established the framework for the Office of Management and Budget’s January 2022 memorandum directing all agencies to implement a Federal Zero Trust Strategy. The Department of Defense has now released its own Zero Trust Strategy and Roadmap, which spells out its four high-level, integrated strategic goals in achieving ze...

As agencies pursue their zero trust goals in line with Executive Order 14028, “Improving the Nation’s Cybersecurity,” and the Office of Management and Budget’s memorandum setting a Federal Zero Trust Strategy, it is easy to focus on technology solutions. But that overlooks something fundamental about both the challenge and the purpose of moving to zero trust – the human beings that actually will use the redesigned...

Federal agencies are taking seriously the administration’s September 2024 deadline for implementing zero trust throughout government systems. When Executive Order 14028, “Improving the Nation’s Cybersecurity,” was issued in May 2021, it set tight deadlines for agencies to meet zero trust requirements. One year after the EO was released, a survey found that two-thirds of agencies said they would meet the maturity require...

Phishing continues to be one of the most common internet crimes today, but the stakes have risen enormously as our society has become online-driven. More than 80% of these attacks involve credential misuse in the network. With increased remote workers, users need a seamless mobile device experience to be able to do their jobs. Derived credentials allow agencies to utilize existing investments, adopt modern protocols, and apply phishing-resista...

The federal government is well ahead of state and local governments in the implementation of a zero trust architecture because of the White House Executive Order on Cybersecurity last year. But state and local agencies see it in their immediate future - 67 percent of state CIOs who responded to the 2021 Annual State CIO Survey anticipate that introducing or expanding a zero-trust framework will receive more attention in the next two to three y...