“Department of Homeland Security (DHS) Deputy Chief Technology Officer Brian Campo said that DHS has finalized the final draft of a two-year roadmap for adoption of the zero trust security model.”
“During a GovExec virtual event on zero trust architecture on Oct. 14, Campo said the draft zero trust roadmap was developed by focusing on use cases, on guidance for zero trust architecture finalized by the National Institute of Standards and Technology (NIST) in August, and on input from DHS’s Cybersecurity and Infrastructure Security (CISA) component.”
“Campo said DHS looked at an incremental phased approach to zero trust, looked at what NIST and CISA had to say, and then tried to figure out ‘what we can do better’ for the agency. He added the DHS roadmap will help to ‘guide industry to know what we are looking for.’”
“He said ‘overarching guidance like the NIST and CISA guidance are important … they set a ground-level truth’ for zero trust. He added that CISA’s Trusted Internet Connections (TIC) modernization effort ‘goes right along with zero trust.’”
“’They are a base fundamental guidance about what you want to do’ for considering zero trust adoption, Campo said. But then, it’s still up to each Federal agency to tailor their approach by understanding their own particular mission needs and expected threat vectors.”
“Speaking more generally about zero trust, Campo said the model is ripe to replace the ‘archaic model’ of perimeter defense. ‘We don’t have a [network] boundary any more … it’s really amorphous…’” Read the full article here.
Source: DHS Official Discusses Agency’s Zero Trust Roadmap Draft – By John Curran, October 15, 2020. MeriTalk.