Last month, the Office of Management and Budget (OMB) and the Cyber and Infrastructure Security Agency (CISA) released draft guidance to implement a Zero Trust cybersecurity policy government-wide. OMB and CISA are seeking public comment on the strategical and technical guidance published in direct support of President Biden’s Executive Order on Improving the Nation’s Cybersecurity (“EO 14208”). What is Zero Trust Architecture?

Zero Trust architecture is a security framework that requires all users to be authenticated, authorized and continuously validated to gain access to an organization’s network architecture. When deployed correctly, a Zero Trust architecture helps prevent successful data breaches by eliminating the concept of trust from an organization’s network architecture. Zero Trust architecture is based on the principle of “never trust, always verify,” as opposed to the traditional concept of “trust but verify.”

The National Institute of Standards and Technology (NIST) released a second draft of its Zero Trust […]