Zero Trust: Evolving Government Cybersecurity — A FedScoop Special Report

In the age of the cloud, cybersecurity can no longer be defined by the perimeter of a network.

This has become more apparent than ever as millions of federal workers were sent home last March when the coronavirus and the need to socially distance forced mass telework across the government, with much of the workforce still working remotely today.

In such a model, with personnel logging into applications from remote locations and without the ability to physically identify a user on a network is that person, zero trust is a must.

A zero-trust security architecture is one that users on a network are not trusted by default and instead required to provide credentials and earn authorization, typically with continuous validation, anytime they move around a network.

It’s a concept that’s catching on across the federal government. Outside of being perhaps the most popular buzzword to come out of the mouths of IT professionals in and outside government, nearly half of federal IT executives in a recent survey said their agencies are moving away from traditional network perimeter defense tactics and taking steps to adopt identity-centered, or zero-trust, security strategies to protect their digital resources.

“By surrounding their data with precision identity and access controls, agencies can better secure their information and improve the user experience for employees and citizens,” says the report, produced by FedScoop and underwritten by Duo Security.

And it’s a journey that agencies will certainly continue on in 2021 as the federal government, regardless of what in-office work looks like when the pandemic subsides, operates more and more decentralized networks with users accessing data and services from the edge.

This special report, which will be updated in the weeks following its initial publication, will explore the evolution of cybersecurity in government through the vector of zero trust and what agencies are looking to next on this journey.

TwitterFacebookLinkedInRedditGmail

Modernization

Authentication tools alone will not be enough to secure networks

by | Jan 8, 2021

Remote work conditions underlined deficiencies in PIV authentication, and the need for dynamic authentication to improve zero-trust security.

FedScoop Radio

Let’s Talk About IT Ep. 17 — A guide to Zero Trust, featuring CISA’s Sean Connelly

by | Mar 10, 2021

Sean Connelly joins Let's Talk About IT to discuss federal efforts to move to a zero-trust security model.

Defense

How the DOD is leading the charge on zero trust

by | Jan 9, 2021

A look at the DOD's leading push to zero trust.

Defense

Zero trust guide coming to DOD in 2021

by | Dec 14, 2020

The reference guide will be a key starting point for IT shops and defense agencies to move to a zero trust model of networking.

Defense

Air Force pushing ‘mission-critical’ applications to zero trust

by | Jan 12, 2021

The Air Force is moving quickly to Zero Trust.

Tech

Industry urges agencies to accelerate zero trust adoption after SolarWinds hack

by | Jan 9, 2021

Zero-trust security couldn't stop the SolarWinds hack, but it could, and did, mitigate the damage, according to cyber experts.

Defense

Teleworking brings zero trust to bear at DOD as phishing attacks increase

by | Nov 10, 2020

A "healthy dialog" has been sparked by the need to move to a zero trust security architecture, DOD Deputy CIO CIO John Sherman said.

Defense

Navy moving toward zero-trust network, with pandemic as pivot point

by | Oct 15, 2020

The Navy's top IT official said the service will use the modernization prompted by the pandemic to move to a zero-trust model for security.

Modernization

NIST releases finalized zero-trust architecture guidance

by | Aug 13, 2020

The document adds a section on the tenets of the security philosophy and adopts longstanding federal language around approaches.

Modernization

Survey finds federal agencies embracing zero-trust security model

by | Jan 22, 2020

Recent federal mandates and shifts in commercial practices are driving agencies to move away from perimeter defense to identity-based authentication strategies.

Modernization

The pandemic isn’t the only thing pushing CIOs to modernize IT

by | Jan 13, 2021

Many needs predate the global crisis, according to the Professional Services Council, and will need attention moving forward.

TwitterFacebookLinkedInRedditGmail