US Secret Service
GAO: Secret Service Should Align Zero Trust Adoption Plan With New OMB Cybersecurity Requirements
The Government Accountability Office conducted a 13-month review of the U.S. Secret Service’s zero trust architecture adoption and found that the agency did not align its adoption strategy with the required cybersecurity standards and objectives the Office of Management and Budget identified in a memo in January. The review was conducted from October 2021 to November 2022.
According to a GAO report, the Secret Service developed its implementation plan prior to the release of the memo; however, the agency did not update the strategy, which only addressed six of the 15 OMB required actions, Nextgov reported. Among the OMB requirements not covered by the Secret Service zero trust architecture adoption model is the transition to IPv6, which will allow agencies to add more security features to interconnected networks.
“Agency IPv6 adoption plans should first focus on technology areas where IPv6 support is already mature, while allowing time for other service and product providers to upgrade their offerings,” the OMB memo said.
The report warned that keeping the outdated strategy will likely result in not having “a coherent view of disparate activities associated with the transition process.” GAO made recommendations to address the issues, including switching to a more advanced internet protocol for the Secret Service’s public-facing systems and updating its zero trust architecture implementation plan.
China is among the countries looking to accelerate the transition to IPv6. In April, its Central Cyberspace Administration unveiled a plan to fast-track the adoption of the protocol by cloud platforms and financial services and agriculture sectors. Under the strategy, the country aims to have 700 million active IPv6 users and 180 million IPv6 connections for the internet of things by the end of 2022.
Category: Federal Civilian