“The White House on Wednesday published a final version of its zero-trust architecture strategy, which is intended to substantially improve the cybersecurity of government agency systems by 2024.
Key aspects of the new document include a new enhanced focus on multi-factor authentication, a requirement that departments move towards encrypting all DNS requests and HTTP traffic, and begin to segment their network perimeters into separate isolated environments…”
“Within 60 days of the memorandum being issued, agencies must incorporate the additional requirements identified in the document and submit an implementation plan for fiscal 2022-2024 to OMB and CISA for review.
The new memo requires also that within 120 days, agency chief data officers must work with their staff to develop a set of initial categorizations for sensitive electronic documents within their departments that could be used to automatically monitor and restrict the sharing of sensitive documents…”
“Also in support of the memo implementation, CISA and GSA will collaborate to create a procurement structure for agencies that allows for rapid acquisition of rigorous application-security testing capabilities.
‘As a result of this work, agencies should be able to schedule most work within less than a month (or in high-urgency situations, a few days),’ OMB said in the memo…” Read the full article here.
Source: White House publishes final zero trust strategy for federal agencies – By John Hewitt Jones, January 26, 2022. FedScoop.