×

Get the Best GovCon News Straight to your Inbox

Only read what's relevant to you

Potomac officers club sends personalized News and Updates straight to your inbox

*By clicking "Join us now" you agree to receive emails, promotions and general messages from Potomac Officers Club. In addition, you also agree to Potomac Officers Club's Privacy Policy and Terms & Conditions.

x

Federal Civilian

OMB Publishes Draft Zero Trust Strategy for Civilian Agencies

Security architecture

OMB Publishes Draft Zero Trust Strategy for Civilian Agencies

The Office of Management and Budget has released a draft federal strategy on the government’s effort to transition to zero trust.

The National Institute of Standards and Technology defines zero trust as a security architecture that does not automatically trust a user based solely on its physical or network location or asset ownership.

Zero trust is a key element of President Joe Biden’s May 12 executive order, which is aimed at modernizing the federal government’s cybersecurity and improving threat-sharing with the private sector.

OMB’s draft strategy directs federal civilian agencies to prioritize several key security outcomes and set baseline policy and technical requirements, the White House said Monday.

Agencies were tasked to consolidate their identity systems, implement multi-factor authentication to mitigate phishing attacks, treat internal networks as untrusted by default and move protections closer to data, among other measures.

Biden said the shift to zero trust is a “multi-year journey” and the government will adjust its cybersecurity strategies along the way as needed.

“The federal government’s approach to cybersecurity must rapidly evolve to keep pace with our adversaries, and moving toward zero trust principles is the road we need to travel to get there,” said Federal Chief Information Security Officer Chris DeRusha.

The Cybersecurity and Infrastructure Security Agency released a complementary zero trust maturity model to guide agencies in their development of the security architecture.

CISA also published a cloud security technical reference architecture that was developed in collaboration with the U.S. Digital Service and the Federal Risk and Authorization Management Program.

GovCon Wire Logo

Sign Up Now! Potomac Officers Club provides you with Daily Updates and News Briefings about Federal Civilian

Category: Federal Civilian

Tags: Chris DeRusha CISA cybersecurity Cybersecurity and Infrastructure Security Agency Executive Order federal civilian FedRAMP Joe Biden National Institute of Standards and Technology NIST Office of Management and Budget OMB U.S. Digital Service USDS White House zero trust