As the U.S. Government Moves Towards Zero Trust, SailPoint Continues To Support Key Federal Security Initiatives
Authored by Frank Briguglio, CISSP – Public Sector Strategist, SailPoint
There’s been a lot of movement from officials to shore up the U.S. government’s security posture.
In early September, the Office of Management and Budget (OMB) published the draft strategy “Moving the U.S. Government Towards Zero Trust Cybersecurity Principles” to identify critical security priorities for agencies as they begin their zero trust journey. At the same time, Cyber and Infrastructure Security Agency (CISA) released the “Cloud Security Technical Reference Architecture (TRA)” and “Zero Trust Maturity Model.” Both recommendations were developed as part of a multi-agency effort with contributions from the U.S. Digital Service and the Federal Risk and Authorization Management Program (FedRAMP).
SailPoint is also part of this effort. We are actively collaborating with the NIST Cybersecurity Center of Excellence (NCCOE) on implementing zero trust with the government and industry partners. We are currently finalizing use cases and moving into the design phase, and we will share more on that later.
The new guidance is intended to focus government departments on crucial security outcomes and to set baseline policy and technology requirements. Security experts are defining goals for top priorities in identity, devices, networks, applications, and data in a coordinated and deliberate manner for the ongoing move to the cloud.
These endeavors also support President Biden’s executive order on cybersecurity in May, which reignited the push to zero trust. This security architecture will allow the federal government to identify, detect, protect, respond, and recover from cyber incidents while improving cybersecurity across the .gov enterprise.
You can learn more about the NCCoE project on zero trust by reading the Implementing a Zero Trust Architecture Project Description. If you are interested in the “35 Ways Identity Aligns With the NIST Cyber Security Framework,” download the white paper.
Discussion