OMB issues zero-trust strategy for federal agencies

All federal agencies must meet zero-trust goals that the U.S. Office of Management and Budget has set by 2024, building on earlier federal cybersecurity initiatives.

Through a memo issued by the Office of Management and Budget (OMB), the Biden administration issued a 30-page strategy to move the U.S. government toward a zero trust approach to cybersecurity. The strategy “represents a key step forward” in delivering on the president’s sweeping May executive order (EO) on cybersecurity, which contains a directive for federal government agencies to develop a plan to advance towards a zero trust architecture.

A hot buzz phrase in the cybersecurity world, zero trust is a model premised on the notion of “never trust, always verify.” The executive order defines zero trust as a security concept that “eliminates implicit trust in any one element, node, or service and instead requires continuous verification of the operational picture via real-time information from multiple sources to determine access and other system responses.” OMB says that a “key tenet of a zero trust architecture is that no network is implicitly considered trusted.”

This article appeared in CSO Online. To read the rest of the article please visit here.