DHS, NSA Creating Reusable Pieces to Zero Trust Foundation

An analysis by Bloomberg Government from last summer showed agencies have spent only $500,000 on zero trust architecture tools and services since fiscal 2017.

To be clear, that research only looked for specific mentions of what has become a buzzword mentioned at every conference and vendor white paper over the last two years.

BGov readily acknowledges that there are hundreds of millions, if not billions, of dollars spent on components that would go into a zero trust architecture.

The evidence of that spending and push toward modernizing the federal approach to cybersecurity seems to be everywhere, especially over the past year as agency chief information officers and others have realized the value and potential of changing their approach to network defenses. The COVID-19 pandemic reminded and reinforced the power of identity and access management as a key piece to defend against cyber attacks.

The National Institute of Standards and Technology is reviewing concept papers for how to implement a zero trust architecture across six scenarios.

“This project will focus primarily on access to enterprise resources. More specifically, the focus will be on behaviors of enterprise employees, contractors and guests accessing enterprise resources while connected from the corporate (or enterprise headquarters) network, a branch office, or the public internet,” NIST’s National Cybersecurity Center of Excellence wrote in the project description. “Access requests can occur over both the enterprise-owned part of the infrastructure as well as the public/non-enterprise-owned part of the infrastructure. This requires that all access requests be secure, authorized, and verified before access is enforced, regardless of where the request is initiated or where the resources are located.”

Read more at: Federal News Network