Zero trust guidance
CISA Director Calls for More Feedback on Federal Zero Trust Implementation Roadmap
The director of the Cybersecurity and Infrastructure Security Agency has called on the federal and cybersecurity communities to continue providing feedback on the agency’s recently published zero trust implementation guidelines for government agencies.
Jen Easterly said that CISA acknowledges the difficulty of adopting the modern security architecture for some agencies, FedScoop reported Tuesday.
“We know that it really is a journey. For some organizations that are just on the front end of re-architecting their networks, so we wanted to give them benchmarks to get to, in how they advance in maturity,” Easterly said during the Amazon Web Services D.C. Summit.
CISA published its Zero Trust Maturity Model earlier in September, providing a roadmap to help agencies account for visibility, analytics, automation, orchestration and governance in their zero trust implementation.
The document provides specific examples of a traditional, advanced and optimal implementation of the security model. Respondents still have until Oct. 1 to comment.
CISA’s maturity model complements the Office of Management and Budget‘s draft zero trust federal strategy, which directs agencies to prioritize key security outcomes and set baseline and technical requirements.
Easterly added that CISA wants to maintain open communication channels with the private sector and federal government agencies, especially when it comes to sharing cyber threat information sharing.
Zero trust is a key element of President Joe Biden’s May 12 executive order seeking to modernize the federal government’s cybersecurity.
The White House has called the shift to zero trust a “multi-year journey for federal agencies,” adding that the administration is prepared to adjust its strategy as new technologies and practices emerge.
Tags: CISA cybersecurity Cybersecurity and Infrastructure Security Agency Executive Order FedScoop Jen Easterly Joe Biden Office of Management and Budget OMB threat information sharing White House zero trust Zero Trust Maturity Model