DHS Releases Zero-Trust Implementation Strategy
The strategic approach recalls previous efforts made by the agency and highlights five key areas of focus for agency components.
The Department of Homeland Security (DHS)’s zero-trust implementation strategy released last week outlines five areas for how the agency plans to implement zero trust architecture.
“Much of the work of implementing zero trust, for any organization, is just work. It does not involve procuring or installing new technology, but may (and usually will) involve integrating and using existing technology in new ways, consistent with zero trust principles,” according to the plan.
The strategy highlights five main areas of focus: building on foundational efforts, standardization and interoperability, enterprise services, accelerators and governance. By focusing on the areas together, DHS plans to protect department resources, stabilize cybersecurity efforts and accelerate mission outcomes.
Although the strategy is dated October 2023, the agency underwent a process to get it released last week, DHS National Security Cyber Division Director Don Yeske clarified in a LinkedIn post.
For the past several years, DHS has been working on implementing zero-trust architecture across multiple departments, including U.S. Customs and Border Protection.
“Notable achievements in the first several years of DHS’ zero trust journey include establishing a cloud security gateway now used by most of the department in lieu of virtual private networks, implementing multi-factor authentication and data encryption in-transit and at-rest across almost all DHS systems, and integrating identity and device management solutions that are essential for further zero trust implementation efforts,” according to the strategy.
DHS plans to measure the success of this strategy by monitoring customer experience and operation resiliency, two things government agencies have been focusing on after a 2021 executive order to transform the government customer experience and a 2021 executive order on cybersecurity.
The strategy also emphasizes that it’s not a plan, but rather a framework to ensure the planning, execution and measurement of implementing zero trust across the agency.
“It is intended to guide the decisions and actions of DHS headquarters and components to achieve reinforcing effects, accelerate implementations, and help assure success,” the document reads. “Updates to this strategy, along with further guidance and direction aligned with this strategy, will be issued as needed through the CISO Council and other governing bodies.”
This is a carousel with manually rotating slides. Use Next and Previous buttons to navigate or jump to a slide with the slide dots
-
Looking Back at the First Trump Administration's Tech Priorities
In his first term, Donald Trump supported cybersecurity, space policy and artificial intelligence development.
4m read -
Securing the Expanding Attack Surface in Cyberspace
Agencies undergoing digital transformation face a more intricate threat landscape and a wider threat target for adversaries looking to exploit vulnerabilities. This panel dives into strategies agencies are undertaking to safeguard these complex environments, including zero-trust architecture, vigilant monitoring and robust cybersecurity training.
30m watch -
Elevating Cybersecurity in the Intelligence Community
The Intelligence Community is developing strategies to protect data and strengthen resiliency against emerging cyber threats.
30m watch -
AI Revolutionizes Cybersecurity by Doing What Humans Cannot
Leaders from NSA, GAO and industry say that artificial intelligence can augment the cybersecurity workforce, but the work must be auditable and explainable.
4m read
