Federal agencies are taking different approaches to align with the Department of Defense and intelligence community’s zero trust cybersecurity goals, Federal News Network reported.
Donald Coulter, cybersecurity science advisor for the Department of Homeland Security’s Science and Technology Directorate, and Monica Montgomery, deputy chief information security officer and deputy director of the cybersecurity office at the National Geospatial-Intelligence Agency, were among the panelists sharing their zero trust strategies at the 930Gov conference.
DHS S&T is approaching zero trust from a supply chain risk management angle, prioritizing systems engineering standard creation and finding ways to help developers and consumers adopt zero trust throughout the software life cycle.
DHS S&T’s work “includes looking at how to expand contextual awareness and expand all the metadata associated with all the systems and resources that we have to be able to communicate those across systems and system boundaries and organizational boundaries,” Coulter said.
Meanwhile, NGA developed seven pilot programs or minimal viable products specifically addressing all zero trust pillars for all of the agency’s 1,300 systems and applications, Montgomery explained. “As systems come through that, business management systems, they are producing those requests for changes (RFCs), each one of those is getting bounced across our solution epic. So we don’t have to go to all the programs,” she stated.
