By Amanda Kane, Christine Owen
Recent cybersecurity breaches are evidence of the need for contextual authentication and authorization to protect mission-critical technology components. Zero Trust Architecture (ZTA) meets this need by unifying security tools from multiple security domains to create an active security posture within a network’s perimeter.
The integration of strong identity and access management (IAM) principles is the underlying foundation that must be present for a well-built ZTA. Agencies are in different stages of migrating to ZTA—from researching to preparing their systems to remove the traditional perimeter. However, agencies have found difficulty with procurement and deployment of the right tools due to a variety of issues, including lack of funding, reliance on legacy systems, or even inability to properly staff migration projects. These setbacks are slowing the necessary preparation for emerging cyber threats and accruing technical debt in the process.
On May 12, 2021, the Biden administration released a new Executive Order on Improving the Nation’s Cybersecurity to address some of these common problems with ZTA adoption. The executive order (EO) mandates timeframes to meet the following core objectives:
The objectives in the EO build upon an Office of Management and Budget Memorandum M-19-17 for Enabling Mission Delivery through Improved Identity, Credential, and Access Management, issued two years ago. This memo encouraged agencies to establish internal governance around identity and tasked specific agencies with identity policy and standards development to aid in consistency across government. Meeting these objectives in the given timeframes while planning for and adopting ZTA, minimizing technical rework, and eliminating legacy system-related obstacles is attainable with the right partner.
Guidehouse partners with our clients to develop cost-effective and timesaving strategies to align systems with ZTA using IAM principles.
Guidehouse has a robust cybersecurity practice with a dedicated IAM offering:
Guidehouse has a robust cybersecurity practice with a dedicated offering to IAM. Let us help you build greater confidence in your organization’s security posture.
Complexity demands a trusted guide with the unique expertise and cross-sector versatility to deliver unwavering success. We work with organizations across regulated commercial and public sectors to catalyze transformation and pioneer new directions for the future.