Zero trust architecture at its core increases cyber defenses and reduces threats to data exposure, which is more critical than ever as web applications remain a top attack vector for gaining access to sensitive systems and information; attacks on web apps increased from 31.5% in 2020 to 53.6% in 2021, according to Kapersky. Fortunately, new guidance from the Department of Defense (DoD) presents seven pillars that are critical to ZTA success ...

Approaching the one-year anniversary of the Office of Management and Budget’s memorandum on “Moving the U.S. Government Toward Zero Trust Cybersecurity Principles,” this session will reflect on how agencies are meeting the specific criteria while utilizing ZT architecture. OMB’s memorandum involves centralizing identity management to provide enterprise identity and access management services to reduce the burden on agen...

Embracing a decentralized modern enterprise IT ecosystem means accepting that mission critical workloads don’t just run inside of the data center. Modern customer and employee experience demands from the business are rapidly forcing IT leaders to adapt to a hybrid environment approach. Application and data are increasingly spread among multiple agencies, legacy data centers, hyperscaler clouds, software as a service (SaaS) providers, and...

OMB’s memorandum M-22-09, “Moving the U.S. Government Towards Zero Trust Cybersecurity Principles,” is setting deadlines for implementation across the government. Specifically, the memo calls out the end of FY24 – an extremely short time frame in government circles – for multiple actions across the CISA-defined five pillars of a Zero Trust Architecture. One of the most important actions is for agencies to move to...

Most IT leaders acknowledge the growing threat from ransomware, however many state and local governments are unprepared to prevent or respond to it. When an agency does not know the blast radius of an attack, whether sensitive data is affected, or how long it may take to recover, the only option they are often left with is to pay up. In order to protect themselves against an organized, well-resourced attacker agencies need a strong security po...

The Federal Government has spent a long time developing efficient, strong security practices to verify and authenticate identities—and for good reason. We’ve seen how incompatible authentication mechanisms hinder interagency communication and collaboration, as well as how weak authentication mechanisms leave the Federal Government vulnerable to exploits. Over the years, a variety of policies and memos—as well as high-profile...

Cyberthreats are disrupting our lives now more than ever, and we’ve reached a tipping point. Agencies are turning to Zero Trust for complete network security, but are unsure how to make Zero Trust actionable. Digital transformation is accelerating, with key shifts such as the expanding hybrid workforce and continued migration of applications and data to the cloud. As we make this transformation, information security teams have the opport...

The increasing complexity of government networks has opened new paths for adversaries to launch cyberattacks. Modern assets, converged environments, complex operating environments, and sophisticated access management procedures have led to a new breed of attack vectors spanning across multiple dimensions, including IT, OT, identities and cloud applications. To address these new realities, agencies are rolling out Zero Trust architectures. As p...

If you had to choose between a standard utility knife and a Swiss Army knife, which one would you pick? Most people would choose the latter because it can do more. Likewise, extended detection and response (XDR) offers the same capabilities as endpoint detection and response (EDR), plus so much more. XDR doesn’t stop at the endpoint. It provides a holistic view across networks, cloud workloads, servers, endpoints and more. This visibilit...

Emerging Technologies are evolving at a faster pace than ever before, especially as agencies aim to implement Zero Trust Security. Throughout the adoption and integration of Zero Trust principles into any cybersecurity strategy comes with many challenges and questions, agencies must turn to emerging technologies to help with the adoption and integration process of Zero Trust.