Palo Alto Networks Senior Vice President of Public Sector Dana Barnes, who is also a 2022 Wash100 Award recipient as well as a member of Executive Mosaic’s GovCon Expert program, has shared his thoughts on President Biden’s Zero Trust plan, which was unveiled in January 2022.
“The Federal Zero Trust Strategy represents an important milestone as it not only ensures all agencies are on a common cybersecurity roadmap, but also underscores the importance of network visibility, asset discovery, cloud adoption and endpoint-based detection,” said GovCon Expert Dana Barnes, a two-time Wash100 Award recipient.
President Biden’s new strategy proposes all federal employees will implement managed and secure accounts on which they will perform all work-related tasks, as well as specialized, monitored devices to do this work.
The plan also puts forth the idea that all inter-agency activity will be encrypted and that apart from necessary interactions, agencies will act and run discretely from one another.
“From SolarWinds to the recent Log4j vulnerability, protecting federal organizations from the most serious cyber threats calls for a modernized approach to security. Organizations are only as strong as their weakest link when it comes to cybersecurity,” Barnes continued.
The executive’s mention of SolarWinds references a 2020 hack by Russian cybercriminals into the data and systems of the information technology company of the same name. The breach affected an estimated 18,000 of the firm’s customers.
Log4j is a Java-based software whose code glitch in late 2021 provided inroads for exploitation from hackers from several different countries. These recent major-scale hacking incidents have widely prompted politicians and commercial sector figures to reexamine cybersecurity measures.
Barnes concluded his thoughts on the matter, musing, “However, a critical component to accelerate Zero Trust is to first understand an organization’s attack surface, their critical systems and potential exposures to determine where they should enforce Zero Trust policies in a risk-prioritized manner.”
Barnes’ approval of the new Zero Trust plan and his perspective on its actualization dovetails with a December 2021 GovCon Expert piece he published in GovConWire.
In that piece, GovCon Expert Dana Barnes laid out what he sees as the four tenets of federal cybersecurity modernization: improving threat detection and sharing threat information; securing and monitoring workloads in the cloud; reducing the attack surface; and implementing a zero trust enterprise.
