Recent attacks may drive government’s zero trust adoption

The White House will push federal agencies to start moving toward a new "zero trust paradigm," according to Federal Chief Information Security Officer Chris DeRusha.

Zero trust, which assumes networks have already been compromised, is not new, but security experts have been calling for wider implementation since the breach involving SolarWinds was discovered. In that attack, adversaries moved unchecked through government networks after their initial entry.

"In this new model, real-time authentication tests users, blocks suspicious activity and prevents adversaries from the kind of privilege escalation that was demonstrated in the SolarWinds incident," DeRusha told lawmakers at the March 18 Homeland Security and Government Affairs Committee hearing.

"Many of the tools we need to implement this model already exist within industry and agency environments, but successful implementation will require a shift in mindset and focus at all levels within federal agencies," he continued.

Brandon Wales, the acting director of the Cybersecurity and Infrastructure Security Agency, who testified alongside DeRusha, also suggested the government's failure to catch the intrusion had to do with an overemphasis on network perimeter security and a lack of internal detection methods.

"Part of the challenge is that you can only secure what you can see, and over the past decade our system of protection that has largely relied upon sensors deployed at the perimeters of networks that is designed to be fed by intelligence," about known threats, Wales said. "Our adversaries have advanced, they are no longer using the same infrastructure to target us repeatedly."

He also said CISA will use funding from the American Rescue Act to invest in new endpoint detection tools, but that ultimately agencies must find a balance between both forms of security.

"That balance was too far out of whack in the past," he said. "It is too focused on the network and not enough inside of networks at the host."

This article was first posted to FCW, a sibling site to GCN.

About the Author

Justin Katz covers cybersecurity for FCW. Previously he covered the Navy and Marine Corps for Inside Defense, focusing on weapons, vehicle acquisition and congressional oversight of the Pentagon. Prior to reporting for Inside Defense, Katz covered community news in the Baltimore and Washington D.C. areas. Connect with him on Twitter at @JustinSKatz.

