Operationalize Zero Trust

Identity is at the heart of security. Among top actionable agency identity priorities:

• Employ centralized ID management
• Use strong MFA
• Consider device and ID information
• Eliminate requirements for special characters and password rotation

How can you protect against sophisticated threats targeting the spectrum of devices? Among the priorities for government agencies:

• Use CDM tools for inventory
• USE EDR tools that meet CISA standards

Government networks are a top target for adversaries -- and for good reason. Among network protection punchlist priorities for government agencies:

• Use encrypted DNS (CISA has supporting service)
• Use HTTPS for all web and API traffic
• Develop a Zero Trust Architecture plan

Government networks are a top target for adversaries -- and for good reason. Among network protection punchlist priorities for government agencies:

• Use encrypted DNS (CISA has supporting service)
• Use HTTPS for all web and API traffic
• Develop a Zero Trust Architecture plan

Government holds the keys to highly sensitive data which is dispersed throughout a hybrid enterprise. Among data security punchlist priorities for government agencies:

• Automate data categorization and security
• Audit access to any encrypted data in the cloud
• Implement event logging per M-21-31

Agencies need comprehensive visibility across the enterprise in order to prioritize risk and take timely mitigation actions. Among the punchlist of priorities for agencies:

• Collect and process all logs, including network, data, application, device, and user logs and make those available to the appropriate CNDSP or SOC

Agencies are embracing orchestration and automation to optimize operational efficiency and mitigate risk. Among the punchlist priorities for agencies:

• Conduct task automation analysis to identify repetitive, predictable cybersecurity tasks suitable for techniques like RPA
• Analyze Policy Enforcement Points (PEP) and Policy Decision Points (PDP) for automation