Cybersecurity model
CISA to Realign Zero Trust Maturity Model With CDM Program
The Cybersecurity and Infrastructure Security Agency will modify its zero trust maturity model to better align it with the agency’s Continuous Diagnostics and Mitigation program, an official said.
CISA launched the CDM program in 2012 to provide cybersecurity tools, services and dashboards to government agencies seeking to strengthen their cybersecurity posture and streamline regulatory compliance, according to the agency’s website.
John Simms, a Trusted Internet Connections senior technical adviser at CISA, said that the CDM program will benefit from the federal government’s new drive to adopt zero trust, FedScoop reported.
Zero trust is a modern security architecture that, according to CISA, strives for granular access control.
CISA published its zero trust maturity model in 2021 to provide agencies a road map for their transition to zero trust, in addition to presenting ways that CISA can support them.
Simms noted that the White House’s Office of Management and Budget has given agencies deadlines to meet certain zero trust-related objectives, including segmentation, multi-factor authentication and data governance.
OMB previously said that the objectives are based on the five pillars of CISA’s zero trust maturity model, which include the adoption of enterprise-managed identities, the creation of a complete inventory of government devices and the encryption of network and internet traffic.
While OMB did not set hard deadlines for the zero trust adoption due to budgetary reasons, Simms said he expects the office to be looking for “demonstrable progress” in key areas.
Category: Cybersecurity