FB pixel

White House leans harder on agency heads to implement zero trust

White House leans harder on agency heads to implement zero trust
 

It is hard to tell if the U.S. federal government is closer to adopting a zero-trust architecture since the White House made it a priority last May, but there is more meat on the bones of the earlier statement.

President Joe Biden’s original executive order last year had numerous deadlines, and updates about completion have been hard to come by. It is not clear if a new memo put out by the White House this week provides cover for missed goals.

Shalanda Young, acting director of the Executive Office of the President, has issued a 26-page strategy memo stating that all federal departments and agencies have until September 30, 2024, to “reinforce” their defenses against cyberthreats and attacks.

While the significant cost of zero trust and reinforcement is mentioned in the document, no projected budgets are discussed.

Young’s robust memo is more than a statement of accountabilities, although such a document itself would be imposing given the size of the federal government, the scope of changes demanded and the pace required.

Her statement (summarized here) reads with the same urgency heard in 2020 when the government announced it was taking away the U.S. Marines’ battle tanks.

Young took the opportunity to spell out the difference between old-world trusted network architectures and modern zero-trust frameworks — which include multi-factor authentication (MFA) but do not stop there.

The envisioned change, with “significant investments,” she wrote, is necessary to protect lives and assets, the national economy and trust in government.

A more-secure digital future, according to Young, is one in which staff accounts and digital IDs are managed at the enterprise level, which assigns needed access while minimizing the chance of phishing attacks.

And agency systems are separate from each other, connected only through secured channels of encrypted data. Setups like that can better contain intrusions.

There are other goals laid out in the memo, most of which have already been internalized by the most security-conscious U.S. businesses.

For example, departments further along the path to zero-trust architectures should share the experiences, practices and staff with others catching up.

A 2020 survey by ID management services vendor Okta found that 41 percent of its buyers globally reported they were “working on a Zero Trust initiative” or expected to start one “in the near future.”

In 2021, that figure reached 90 percent.

The use of security keys and biometrics for MFA among business rose from 9 percent in 2018 to 21 percent currently, and 30 percent in the tech sector, according to Okta.

Article Topics

 |   |   |   |   |   |   | 

Latest Biometrics News

 

Operationalizing biometrics for digital economy is a process

From biometric binding through regulations for payments from digital wallets, the Biometric Update’s top stories of the week reflect a…

 

Deepfakes a ‘now problem’ as EU AI Act passes compliance deadline: Reality Defender

First it was Joe Biden, Kamala Harris and Taylor Swift. Now it’s Scarlett Johannson, Emmanuel Macron and Italy’s Defense Minister…

 

OneID raises £16 million

UK digital verification service OneID has secured new funding amid a rise of interest in digital identity among the country’s…

 

Digital ID verification can make property transactions more efficient, less prone to fraud

In the UK, Russia, South Korea, India and Pakistan, biometrics are making their way into real estate transactions, as digital…

 

IDV experts ponder death and resurrection of document verification

Is document verification dead? The question hangs over a debate hosted by Peak IDV CEO, Steve Craig. Five industry experts…

 

Jamaica operationalizing national digital ID with data exchange platform

Jamaica will make its digital identity available to all of its citizens, Custos of Kingston Steadman Fuller said on Thursday…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events