Different Agency Missions, One Zero-Trust Framework
As agencies tackle mission-critical IT modernization and digital transformation work, their growing reliance on the cloud and new devices has made thoughtful approaches to cybersecurity and risk management essential. The zero-trust framework stands as the cornerstone of those strategies following the 2021 executive order requiring agencies to improve their cybersecurity postures. Within those zero-trust environments, microsegmentation — along with user identity and endpoint security — serves as a solid foundation, says Victor Pham, CTO at the National Transportation Safety Board. Security teams at NTSB began exploring microsegmentation’s potential in 2017, when Trusted Internet Connections no longer held up as the agency relied more heavily on cloud infrastructure. (Read more about the agency’s journey here.)
At the Department of Veterans Affairs, reliance on the Internet of Medical Things in patient care has expanded the agency’s attack surface, but any breach could mean the difference between life or death. VA cybersecurity teams turned to zero-trust principles to ensure those critical devices operate with little risk of cyber intrusion (Read more on that here.)
The Department of Defense also relies on a zero-trust framework — brought to life through a mix of custom cloud services that deliver large-scale computing power and more — to secure and enable edge computing capabilities on the battlefield. (Read “Defense Agencies Turn to Multicloud Strategy.”)
No matter their mission, agencies are gaining ground on multiple fronts against black hat hackers and cyberattackers. The zero-trust framework ensures those wins will continue.
