web analytics

Federal CIO Says Agencies on Track for Zero Trust Milestones – Source: www.databreachtoday.com

federal-cio-says-agencies-on-track-for-zero-trust-milestones-–-source:-wwwdatabreachtoday.com
Rate this post

Source: www.databreachtoday.com – Author: 1

Governance & Risk Management
,
Government
,
Industry Specific

Top Government Agencies ‘All in the High 90% Range’ for Completion, Says Martorana

Chris Riotta (@chrisriotta) •
September 4, 2024    

Federal CIO Says Agencies on Track for Zero Trust Milestones
Federal CIO Clare Martorana testifying during a Sept. 16, 2022, House hearing on federal IT modernization

Major government agencies are on track to achieve key milestones included in an upcoming deadline given in the federal zero trust strategy amid significant cybersecurity improvements across federal networks, according to federal CIO Clare Martorana.

See Also: Securing Healthcare: Minimizing Risk in an Ever-Changing Threat Landscape

Martorana said the 24 CFO Act Agencies – the largest and often considered most influential agencies in the United States – “are all in the high 90% range” for meeting the goals outlined in the strategy, which include implementing identity and access management, enhancing data protection and automating security responses. The Office of Management and Budget said it has seen a significant increase in federal progress toward the Sept. 30 deadline and that the completion rate has risen “from 81% to 87% for agencies on that journey,” according to Martorana.

The federal CIO told the Billington CyberSecurity Summit in Washington, D.C., that zero trust, a security model which inherently assumes that threats can be ever-present, “is a journey, not a destination.” She said that achieving the requirements included in the 2022 federal strategy “requires consistent funding” and added: “Our budgets are a challenge.”

The federal zero trust strategy gives agencies until the end of fiscal year 2024 to enforce a wide variety of components to a zero trust architecture, such as requiring agency staff to use phishing-resistant multifactor authentication. Agencies are also tasked with maintaining inventories of all devices they operate and authorize for government use and with treating all applications as being internet-connected (see: US OMB Releases Zero Trust Strategy for Federal Agencies).

Many agencies benefited from additional funding for cybersecurity projects supported by the Technology Modernization Fund, according to Martorana. She said that 83% of investments in the TMF went to cross-agency cybersecurity initiatives, “helping agencies get on the path to zero trust.”

The push to achieve zero trust across the federal enterprise comes amid an intensifying threat landscape for government agencies, as foreign adversaries such as Russia, China and Iran are using artificial intelligence to rapidly exploit vulnerabilities and amplify cyberattacks. The strategy requires all agencies to ensure their endpoint detection and response tools meet technical requirements outlined by the Cybersecurity and Infrastructure Security Agency and are deployed widely to ensure adequate coverage.

“It is a continued journey that the government is going to undergo for many years,” Martorana said. “But I can see real progress.”

Original Post url: https://www.databreachtoday.com/federal-cio-says-agencies-on-track-for-zero-trust-milestones-a-26203

Category & Tags: –

Views: 0

LinkedIn
Twitter
Facebook
WhatsApp
Email

advisor pick´S post

Codrut Andrei
Cybersecurity Talent Crisis Today and Tomorrow by Codrut Andrei
Cybersecurity Talent Crisis Today and...
SCYTHE
Better Cybersecurity Metrics – SOC Metrics – Threat Hunting Metrics – Cyber Threat Intelligence (CTI) Metrics – Incident Response (IR) Metrics for CISOs by SCYTHE
Better Cybersecurity Metrics – SOC...
ACSC Australia
Personal Cyber Security First Steps by Australian Government – ACSC
Personal Cyber Security First Steps...
Joas Antonio
100 Security Operation Tools for SOCs by Joas Antonio
100 Security Operation Tools for...
Joas Antonio
Guide for Multi-Cloud Read Team AWS – GCP – AZURE by Joas Antonio
Guide for Multi-Cloud Read Team...
SANS
SANS Faculty Cybersecurity Free Tools – SANS Instructors have built more than 150 open source tools that support your work and help you implement better security.
SANS Faculty Cybersecurity Free Tools...
Marcos Jaimovich
The Silent Spectre Haunting Your Network: QPhishing, the CISO’s Unspoken Nightmare.
The Silent Spectre Haunting Your...
Marcos Jaimovich
Goodbye to Traditional: Why Conventional Cybersecurity Tools are No Longer Sufficient for the Future of Digital Threats ?
Goodbye to Traditional: Why Conventional...
Marcos Jaimovich
Why do we compare a SOC (Security Operations Center) with the cockpit of a commercial airplane? by Marcos Jaimovich
Why do we compare a...
Joas Antonio
Security Operations Center (SOC) – Tools for Operations Development by Joas Antonio
Security Operations Center (SOC) –...
IZZMIER
Incident Response Playbooks & Workflows Ready for use in your SOC & Redteams
Incident Response Playbooks & Workflows...
LOGPOINT
396 Use Cases & Siem Rules Code ready for use for Mitre Attacks Events Detection in Your SOC by Logpoint
396 Use Cases & Siem...

LASTEST PUBLISHED POSTS

LogRhythm
A Guide to User and Entity Behavior Analytics (UEBA)
A Guide to User and...
BONI YEAMIN
100 Offensive Linux Security Tools
100 Offensive Linux Security Tools
SentinelOne
90 DAYS A CISO’S JOURNEY TO IMPACT
90 DAYS A CISO’S JOURNEY...
ChiefExecutive
Ciberseguridad: Prioridad Estratégica para los CEO.
Ciberseguridad: Prioridad Estratégica para los...
CYBER SECURITY COALITION
CYBER SECURITY INCIDENT MANAGEMENT GUIDE
CYBER SECURITY INCIDENT MANAGEMENT GUIDE
INL/EXT
Cybersecurity for Distributed Wind
Cybersecurity for Distributed Wind
ARTIC WOLF
Cybersecurity Compliance Guide
Cybersecurity Compliance Guide
ESRAA MOHAMAD
ELEARN SECURITY CERTIFIED INCIDENT RESPONSE
ELEARN SECURITY CERTIFIED INCIDENT RESPONSE
DRAGOS
Impact of FrostyGoop ICS Malware on Connected OT Systems
Impact of FrostyGoop ICS Malware...
Victor Tong
Digital Operational Resilience Act – Control Mappings
Digital Operational Resilience Act –...
ARMIS
DORA Resiliency Guide Strengthening Cybersecurity and Operational Resilience in the Financial Sector
DORA Resiliency Guide Strengthening Cybersecurity...
IGNITE Technologies
Docker Penetration Testing
Docker Penetration Testing

More Latest Published Posts

Apress
Cyber Security on Azure An IT Professional’s Guide to Microsoft Azure Security
Cyber Security on Azure An IT Professional’s Guide to Microsoft Azure Security
CyberJA
ASSET IDENTIFICATION & CLASSIFICATION-A CRITICAL COMPONENT OF CYBER RISK MANAGEMENT
ASSET IDENTIFICATION & CLASSIFICATION-A CRITICAL COMPONENT OF CYBER RISK MANAGEMENT
SOSAFE
CybercrimeTrends 2024 The latest threats and security best practices
CybercrimeTrends 2024 The latest threats and security best practices
Routledge
Cyber Security Politics Socio-Technological Transformations and Political Fragmentation
Cyber Security Politics Socio-Technological Transformations and Political Fragmentation
Hidaia Mahmood Alassouli
Common Windows, Linux and Web Server SystemsHacking Techniques
Common Windows, Linux and Web Server SystemsHacking Techniques
Cigref
Surviving a Massive cyber-attack by Cigref
Surviving a Massive cyber-attack by Cigref
Splunk
SPLUNK® AND THE CIS CRITICALSECURITY CONTROLS Mapping Splunk Software to the CIS 20 CSC Version 6.0
SPLUNK® AND THE CIS CRITICALSECURITY CONTROLS Mapping Splunk Software to the CIS 20 CSC Version 6.0
SOC SIEM Use Cases
SOC SIEM Use Cases
safecode
Six Pillars of DevSecOps- Collaboration and Integration
Six Pillars of DevSecOps- Collaboration and Integration
SentineOne
WatchTower I ntelligence-Driven Threat Hunting
WatchTower I ntelligence-Driven Threat Hunting
CNIL
Security of Personal Data
Security of Personal Data
OPSWAP
Securing ICS SCADA updates OT Environments
Securing ICS SCADA updates OT Environments
Top 300 Azure Sentinel Used Cases KQL (Kusto Query Language) queries
Top 300 Azure Sentinel Used Cases KQL (Kusto Query Language) queries
WITH SECURE
Threat Landscape Update Report
Threat Landscape Update Report
ThreatRadar
Threat Intel Roundup
Threat Intel Roundup
ThreatRadar
Threat Intel Roundup
Threat Intel Roundup
ThreatRadar
Threat Intel Roundup
Threat Intel Roundup
Mihaela Curcă
The Role of Cyber Espionage inInternational Relations
The Role of Cyber Espionage inInternational Relations
GLOBAL NETWORK OF DIRECTOR INSTITUTES
THE FUTURE OF BOARD GOVERNANCE
THE FUTURE OF BOARD GOVERNANCE
Deloitte
The CISO’s Guide to Generative AI
The CISO’s Guide to Generative AI
Capgemini
PROMPT THE FUTURE
PROMPT THE FUTURE
Google
We’re All in this Together
We’re All in this Together
CyberSN
U.S. Cybersecurity Job Posting Data Report
U.S. Cybersecurity Job Posting Data Report
CISA | Cybersecurity and Infrastructure Security Agency
UNDERSTANDING AND RESPONDING TO DISTRIBUTED DENIAL-OF-SERVICE ATTACKS
UNDERSTANDING AND RESPONDING TO DISTRIBUTED DENIAL-OF-SERVICE ATTACKS
McKinsey & Company
Transforming risk efficiency and effectiveness
Transforming risk efficiency and effectiveness
Arnold Antoo
Zero Trust Security Model
Zero Trust Security Model
Richea Perry
Your Cybersecurity Toolkit
Your Cybersecurity Toolkit
IGNITE Technologies
Wireless Penetration Testing
Wireless Penetration Testing