DHS Releases Zero-Trust Implementation Strategy
The strategic approach recalls previous efforts made by the agency and highlights five key areas of focus for agency components.
The Department of Homeland Security (DHS)’s zero-trust implementation strategy released last week outlines five areas for how the agency plans to implement zero trust architecture.
“Much of the work of implementing zero trust, for any organization, is just work. It does not involve procuring or installing new technology, but may (and usually will) involve integrating and using existing technology in new ways, consistent with zero trust principles,” according to the plan.
The strategy highlights five main areas of focus: building on foundational efforts, standardization and interoperability, enterprise services, accelerators and governance. By focusing on the areas together, DHS plans to protect department resources, stabilize cybersecurity efforts and accelerate mission outcomes.
Although the strategy is dated October 2023, the agency underwent a process to get it released last week, DHS National Security Cyber Division Director Don Yeske clarified in a LinkedIn post.
For the past several years, DHS has been working on implementing zero-trust architecture across multiple departments, including U.S. Customs and Border Protection.
“Notable achievements in the first several years of DHS’ zero trust journey include establishing a cloud security gateway now used by most of the department in lieu of virtual private networks, implementing multi-factor authentication and data encryption in-transit and at-rest across almost all DHS systems, and integrating identity and device management solutions that are essential for further zero trust implementation efforts,” according to the strategy.
DHS plans to measure the success of this strategy by monitoring customer experience and operation resiliency, two things government agencies have been focusing on after a 2021 executive order to transform the government customer experience and a 2021 executive order on cybersecurity.
The strategy also emphasizes that it’s not a plan, but rather a framework to ensure the planning, execution and measurement of implementing zero trust across the agency.
“It is intended to guide the decisions and actions of DHS headquarters and components to achieve reinforcing effects, accelerate implementations, and help assure success,” the document reads. “Updates to this strategy, along with further guidance and direction aligned with this strategy, will be issued as needed through the CISO Council and other governing bodies.”
This is a carousel with manually rotating slides. Use Next and Previous buttons to navigate or jump to a slide with the slide dots
-
Facing Evolving Cybersecurity Challenges
Hear from federal cybersecurity experts discuss strategies for staying informed about the latest threats, tools and policies.
30m watch -
GSA Taps Dovarius Peoples as Deputy CIO
Peoples previously served as CIO of the U.S. Army Corps of Engineers and oversaw the service's cloud migration and data modernization.
1m read -
DHS Tabs Cyber and AI as Innovation R&D Priorities
The agency’s plan utilizes AI to better address future threats, secure critical infrastructure and improve workforce efficiency.
5m read -
The Opportunities and Challenges of Securing the 2024 Election
The 2024 presidential election is just under 50 days away, and federal agencies are reassuring voters’ concerns about election security.
4m read