Both public and private sector organizations supported the concepts of Zero Trust to enable a more remote workforce, providing employees access to mission-critical data and applications even when working out of the office. That approach is even more critical now that few, if any, employees are working onsite at federal agencies, and agency leaders see it as a long-term solution that does not require a total restructuring of networks and online environments.
“We’re not going to get to a new environment any time soon,” said Federal Chief Information Security Officer Grant Schneider. “We’re living in a Zero Trust environment.”
Many Zero Trust tools are already at agencies’ disposal, and federal leaders are at work with the National Institute for Standards and Technology (NIST) to release guidelines on how to implement those tools. Alper Kerman, Zero Trust technical lead at NIST, said that the draft for NIST Special Publication 800-207, “Zero Trust Architecture” is currently undergoing final review, with the final version expected by the end of May. At the same time, the National Cybersecurity Center of Excellence (NCCoE) has established a test lab, which is currently testing how to integrate technical components into a Zero Trust architecture. The lab will test Zero Trust scenarios and capabilities next, with a focus on undertaking a project on implementation in late 2020.
Read more at: Government CIO