Friday, November 8, 2024

MeriTalk: CISA ICAM Expert Says Zero Trust Also Requires Machine-Identity

Ross Foard, an ICAM Subject Matter Expert with the Continuous Diagnostics and Mitigation (CDM) Program at the Cybersecurity and Infrastructure Security Agency (CISA), spoke at a virtual summit organized by the Advanced Technology Academic Research Center (ATARC) on July 26 about why a [Zero Trust Architecture] requires machine-identity management.

“The government has focused for a long time on human identities, and we’ve done a pretty good job of making sure that we know who the human identities are, identity proofing, issuing strong authenticators. But that’s being overcome by the number of machine identities that are emerging,” Foard said…

Identity, Foard explained, is the new network perimeter, and agencies need to validate every machine’s identity regardless of location. Limiting verification to user identities could present a false notion of security, he said.

And due to all of the different operating processes with Federal agencies, there is no one-size-fits-all for machine identity, Foard said. Rather, “there are several different ways to identify and manage machine identities,” he explained…

Read the full article here.

[related-post]

LEAVE A REPLY

Please enter your comment!
Please enter your name here

FedHealthIT Xtra – Find Out More!

Recent News

Don’t Miss A Thing

Jackie Gilbert
Jackie Gilbert
Jackie Gilbert is a Content Analyst for FedHealthIT and Author of 'Anything but COVID-19' on the Daily Take Newsletter for G2Xchange Health and FedCiv.

Subscribe to our mailing list

* indicates required