White House Releases Zero Trust Strategy for Federal Government

White House Releases Zero Trust Strategy for Federal Government

The White House has unveiled its strategy to embed a zero trust approach to cybersecurity across the federal government.

The memorandum, published by the Office of Management and Budget (OMB), sets out a series of specific security goals for agencies to establish a ‘never trusted, always verified’ model. This includes introducing stronger enterprise identity and access controls, such as multi-factor authentication (MFA). It also wants federal agencies to have a complete inventory of every device it operates and authorizes for government use and encrypt all DNS requests and HTTP traffic within their environment.

The strategy represents a key component of delivering President Joe Biden’s Executive Order last year, which mandated a drive to secure cloud services and zero trust across federal government departments and their suppliers.

Federal agencies must incorporate the additional requirements identified in the new memorandum into their plans to develop zero trust architecture within 60 days. In addition, they need to designate and identify a zero trust strategy implementation lead for their organization.

The latest requirements were developed in response to increasingly sophisticated cyber-attacks, including the Log4j vulnerability. The OMB said such incidents have demonstrated that the federal government can no longer depend on

Read More: https://www.infosecurity-magazine.com/news/white-house-zero-trust-government/