The Federal Mandate on Zero Trust Network Goals
President Biden’s Executive Order 14028, Improving the Nation’s Cybersecurity, mandates federal agencies to develop plans for implementing a zero-trust architecture (ZTA) by the end of the Fiscal Year (FY) 2024. The major obstacle to setting these goals is the lack of zero-trust standards and an established testing methodology.
CIO INFLUENCE News: Dell Technologies and Hugging Face to Simplify Generative AI with On-Premises IT
Veterans Cybersecurity Group (VCSG) CTO, and Senior IEEE Zero Trust Working Group (ZTWG) member, Mr. Leighton Johnson has stated, “Although NIST and CISA have defined principles, it is difficult to audit a set of principles. Currently, there are no Zero Trust standards to test and validate complex ZTA Solutions. The IEEE ZTWG is tasked with the yearslong process of developing a Zero Trust ISO Standard. However, VCSG aims to establish testing criteria immediately through an iterative SecDevOps approach. To this end, VCSG is establishing a Zero Trust Proving Ground (ZTPG) to test and evaluate ZTA implementations.”
Zero Trust Proving Ground (ZTPG)
This Zero Trust Proving Ground aims to assist federal agencies in meeting these aggressive zero-trust goals by contributing to an auditable testing standard for zero-trust network architectures (ZTA). VCSG will host the ZTPG on an established Cyber Range utilized by government agencies as a virtual cybersecurity training and testing environment, allowing multiple “communities of interest” to implement cyber-attack and exploitation scenarios.
VCSG’s Zero Trust Proving Ground (ZTPG) brings together government and industry to establish a rigorous testing standard for ZTA solutions. Extensive vulnerability analysis and penetration testing within the ZTPG will inform the development of a standardized ZTA testing framework. This framework will empower federal agencies to evaluate and integrate third-party ZTA solutions into their emerging cybersecurity architectures.
CIO INFLUENCE News: Melani Griffith Appointed as Chief Growth Officer for Google Fiber
Project Stakeholders
Veterans Cybersecurity Group (VCSG) is seeking stakeholders, including (1) Federal Agencies seeking information (RFI) to develop future Requests for Proposals (RFPs), (2) Cybersecurity Vendors seeking to have their ZTA Products and services demonstrated and tested, (3) standards bodies such as the IEEE Zero Trust Working Group (ZTWG), and (4) cybersecurity non-profits, such as ISC2 and CSA, with the mission to provide training and awareness promoting the use of Zero Trust best practices for providing security assurance and education to the cybersecurity workforce.
CIO INFLUENCE News: Illumio Delivers the Most Complete Zero Trust Segmentation Platform with the Addition of CloudSecure
[To share your insights with us, please write to sghosh@martechseries.com]
