The concept of zero trust is built around the idea that trust cannot be assumed and thus must be continuously verified to ensure the security of critical information.
“To stay ahead of cyberattacks, agencies need to accelerate the adoption of modern technology approaches like zero-trust architecture that enables them to decommission legacy systems,” urged Nakasone.
Following a May 2021 Executive Order, zero trust architecture standards, which include improvements to multi-factor authentication, consistent monitoring of who can access what data, modernizing encryption methods and implementing more thorough data organization and classification must be met by federal civilian executive branch agencies by the end of September 2024.
“Public sector agencies possess troves of information and data that make them prime targets for cybercriminals,” stressed Nakasone. Additionally, he emphasized the impact of cyberattacks on U.S. citizens who rely on many government services, such as social security, passports and emergency management.
Nakasone also commented on the importance of maintaining employee knowledge on policies regarding data security and the use of the DevSecOps model, which embeds security into the lifecycle process of IT and acquisition, to strengthen cloud security.
If you’re interested in learning more about how federal agencies are bolstering their cybersecurity practices, join the Potomac Officers Club for its Cybersecurity in the Modern Intelligence Community Forum on Nov. 16. Register here.