How Intelligence Agencies Are Thinking About Zero Trust
Page said the Navy is looking at how zero trust helps the branch mitigate risks around those fundamental areas. He also said sailors and workers across the Navy need a better understanding of the underpinnings of zero trust.
“We need to invest in people, materiel, services, training and educating our people,” Page said. He also noted that the shift to zero trust cannot be treated as a blank check for IT security vendors. There needs to be a clear understanding of how long it will take to get new cybersecurity capabilities online and a way to measure the actual benefits of new technologies and policies.
Leonel Garciga, director of Army intelligence community information management, said the government is “watching in real time a big shift” in cybersecurity. The move to zero trust is ushering in more of a threat-based and risk-based approach to cybersecurity, he said.
RELATED: How are civilian agencies approaching the shift to zero trust?
“We need to move the rest of Defense Department in the same direction,” he said.
Col. Michael Medgyessy, CIO and chief data officer for the Air Force intelligence community, said embracing zero trust would help intelligence agencies refocus on “protecting data and how we access it.”
The identity, credential and access management aspect of a zero-trust architecture is essential, Medgyessy said. “The ICAM solution as part of zero trust is so fundamental,” he added. That way, location won’t matter when users connect to the Air Force’s networks and assets, as long as they can properly authenticate who they are, he said.