The Department of Justice seeks to pilot identity and access management capabilities in a move to fortify its cybersecurity posture and implement a zero-trust approach in network security, Fedscoop reported Tuesday.
Nickolous Ward, the DOJ chief information security officer, told the publication during the Fortinet Security Transformation Summit that the department is launching up to 10 experimental projects with different vendors focused on zero-trust cybersecurity. He noted that DOJ plans to implement open application programming interfaces and automation in efforts to better secure the department's digital infrastructure.
“If we can’t take an action within 15 minutes, a good nation-state actor is already hopping to other systems once they’ve made their initial compromise,” he said.
According to Ward, DOJ's attack surface “expanded dramatically” as it continued to consolidate more than 100 data centers and transition around 60 services to the cloud over the past five years.