The challenge of Zero Trust compliance

Nov. 16, 2021
To meet recent Zero Trust mandates, embrace industry collaboration

To improve the nation's cybersecurity and protect federal networks, President Biden signed an Executive Order in May 2021, giving agencies 90 days to develop a Zero Trust strategy among a slew of other deadlines. To best meet the requirements of the Executive Order, the public sector will need to utilize private sector partners for their breadth and depth of expertise and resources in Zero Trust and other areas. 

In August 2021, CISA launched a new cybersecurity strategy with its Joint Cyber Defense Collaborative (JCDC) initiative. With representation from the government, including the Department of Homeland Security (DHS), Department of Justice (DOJ), United States Cyber Command (USCYBERCOM), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and more, the JCDC will enable operational collaboration of the public and private sectors to develop future cyber defense plans. 

Also important is the range of organizations that will be represented. The JCDC includes leading mobile technology and cloud computing providers, acknowledging that cyber threats can reach us on any service or device that's connected to the internet.

Government has many resources that are a crucial starting point. It can provide access to actionable, sensitive cyber threat information private industries do not have, and centralized organizations to coordinate national cybersecurity efforts and defend against global threats. 

Together with private sector leaders, agencies can benefit from the breadth of enterprise knowledge, their partners’ broad customer bases and the specialization each partner brings. For example, Lookout could aid agencies in developing a holistic cybersecurity solution utilizing their specialized mobile dataset - containing telemetry from over 200 million devices and 150 million apps.

Becoming a Zero-Trust Expert Through Industry Partnerships

When it comes to zero trust, agencies should seek partners that provide comprehensive solutions to close frequently overlooked gaps in agency Zero Trust approaches.

Agencies are aware of the need to adopt a Zero Trust strategy but may not have the right combination of security tools to truly implement a Zero Trust architecture. To deploy Zero Trust and secure mission-critical data, agencies need a level of continuous conditional access that can only be delivered through a single integrated security platform, securing data from the endpoint to the cloud and everywhere in between.

For example, with a substantial baseline laid through a platform built on SASE, CASB, and ZTNA, security applications that stand on top of these solutions can provide the complete zero trust architecture agencies need.  

SASE secures access to an organization's cloud network regardless of the location of the devices requesting access. CASB can perform critical monitoring of cloud-based apps. ZTNA gives users seamless and secure connectivity to private applications without ever placing them on the network or exposing apps to the internet. These technologies form a baseline for a successful zero trust strategy.   

On top of these solutions, technologies like Enterprise Data Rights Management (EDRM) antivirus / anti-malware (AVAM)—technology that discovers viruses and potential malware as they're being downloaded to a device—and many more can be consistently laid on top and applied across the network including in the cloud, on mobile devices and any place government users are to accomplish their missions. When CASB, ZTNA, and SASE solutions are delivered from one platform, the technologies that lie on top of these solutions can be extended and applied wherever they're needed.

The Biden administration’s Executive Order is a reminder of the critical need for the public and private sector to rethink cybersecurity—and this reimagining includes partnerships between government and industry.  The new JCDC initiative highlights the importance of partnership—and there are numerous reasons this approach needs to be a central consideration in government cyber efforts moving forward.

To protect against increasingly sophisticated cybercriminals, the public and private sectors need to pool resources. Empowered by the best experts in every element of cybersecurity, the federal government can overcome the seemingly insurmountable challenge of modern cyber threats.

About the author: Tony D'Angelo is the VP of the North American Public Sector at Lookout.
About the Author

Tony D'Angelo | VP of the North American Public Sector at Lookout

To improve the nation's cybersecurity and protect federal networks, President Biden signed an Executive Order in May 2021, giving agencies 90 days to develop a Zero Trust strategy among a slew of other deadlines. To best meet the requirements of the Executive Order, the public sector will need to utilize private sector partners for their breadth and depth of expertise and resources in Zero Trust and other areas. 

In August 2021, CISA launched a new cybersecurity strategy with its Joint Cyber Defense Collaborative (JCDC) initiative. With representation from the government, including the Department of Homeland Security (DHS), Department of Justice (DOJ), United States Cyber Command (USCYBERCOM), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and more, the JCDC will enable operational collaboration of the public and private sectors to develop future cyber defense plans. 

Also important is the range of organizations that will be represented. The JCDC includes leading mobile technology and cloud computing providers, acknowledging that cyber threats can reach us on any service or device that's connected to the internet.

Government has many resources that are a crucial starting point. It can provide access to actionable, sensitive cyber threat information private industries do not have, and centralized organizations to coordinate national cybersecurity efforts and defend against global threats. 

Together with private sector leaders, agencies can benefit from the breadth of enterprise knowledge, their partners’ broad customer bases and the specialization each partner brings. For example, Lookout could aid agencies in developing a holistic cybersecurity solution utilizing their specialized mobile dataset - containing telemetry from over 200 million devices and 150 million apps.

Becoming a Zero-Trust Expert Through Industry Partnerships

When it comes to zero trust, agencies should seek partners that provide comprehensive solutions to close frequently overlooked gaps in agency Zero Trust approaches.

Agencies are aware of the need to adopt a Zero Trust strategy but may not have the right combination of security tools to truly implement a Zero Trust architecture. To deploy Zero Trust and secure mission-critical data, agencies need a level of continuous conditional access that can only be delivered through a single integrated security platform, securing data from the endpoint to the cloud and everywhere in between.

For example, with a substantial baseline laid through a platform built on SASE, CASB, and ZTNA, security applications that stand on top of these solutions can provide the complete zero trust architecture agencies need.  

SASE secures access to an organization's cloud network regardless of the location of the devices requesting access. CASB can perform critical monitoring of cloud-based apps. ZTNA gives users seamless and secure connectivity to private applications without ever placing them on the network or exposing apps to the internet. These technologies form a baseline for a successful zero trust strategy.   

On top of these solutions, technologies like Enterprise Data Rights Management (EDRM) antivirus / anti-malware (AVAM)—technology that discover viruses and potential malware as they're being downloaded to a device—and many more can be consistently laid on top and applied across the network including in the cloud, on mobile devices and any place government users are to accomplish their missions. When CASB, ZTNA, and SASE solutions are delivered from one platform, the technologies that lie on top of these solutions can be extended and applied wherever they're needed.

The Biden administration’s Executive Order is a reminder of the critical need for the public and private sector to rethink cybersecurity—and this reimagining includes partnerships between government and industry.  The new JCDC initiative highlights the importance of partnership—and there are numerous reasons this approach needs to be a central consideration in government cyber efforts moving forward.

To protect against increasingly sophisticated cybercriminals, the public and private sectors need to pool resources. Empowered by the best experts in every element of cybersecurity, the federal government can overcome the seemingly insurmountable challenge of modern cyber threats.

About the author: Tony D'Angelo is the VP of the North American Public Sector at Lookout.