Governance & Risk Management , Zero Trust

Federal CIO Says Agencies on Track for Zero Trust Milestones

Top Government Agencies 'All in the High 90% Range' for Completion, Says Martorana
Federal CIO Says Agencies on Track for Zero Trust Milestones
Federal CIO Clare Martorana testifying during a Sept. 16, 2022, House hearing on federal IT modernization

Major government agencies are on track to achieve key milestones included in an upcoming deadline given in the federal zero trust strategy amid significant cybersecurity improvements across federal networks, according to federal CIO Clare Martorana.

See Also: Zero Trust: Approaches, Use Cases, and Myths Debunked

Martorana said the 24 CFO Act Agencies - the largest and often considered most influential agencies in the United States - "are all in the high 90% range" for meeting the goals outlined in the strategy, which include implementing identity and access management, enhancing data protection and automating security responses. The Office of Management and Budget said it has seen a significant increase in federal progress toward the Sept. 30 deadline and that the completion rate has risen "from 81% to 87% for agencies on that journey," according to Martorana.

The federal CIO told the Billington CyberSecurity Summit in Washington, D.C., that zero trust, a security model which inherently assumes that threats can be ever-present, "is a journey, not a destination." She said that achieving the requirements included in the 2022 federal strategy "requires consistent funding" and added: "Our budgets are a challenge."

The federal zero trust strategy gives agencies until the end of fiscal year 2024 to enforce a wide variety of components to a zero trust architecture, such as requiring agency staff to use phishing-resistant multifactor authentication. Agencies are also tasked with maintaining inventories of all devices they operate and authorize for government use and with treating all applications as being internet-connected (see: US OMB Releases Zero Trust Strategy for Federal Agencies).

Many agencies benefited from additional funding for cybersecurity projects supported by the Technology Modernization Fund, according to Martorana. She said that 83% of investments in the TMF went to cross-agency cybersecurity initiatives, "helping agencies get on the path to zero trust."

The push to achieve zero trust across the federal enterprise comes amid an intensifying threat landscape for government agencies, as foreign adversaries such as Russia, China and Iran are using artificial intelligence to rapidly exploit vulnerabilities and amplify cyberattacks. The strategy requires all agencies to ensure their endpoint detection and response tools meet technical requirements outlined by the Cybersecurity and Infrastructure Security Agency and are deployed widely to ensure adequate coverage.

"It is a continued journey that the government is going to undergo for many years," Martorana said. "But I can see real progress."


About the Author

Chris Riotta

Chris Riotta

Managing Editor, GovInfoSecurity

Riotta is a journalist based in Washington, D.C. He earned his master's degree from the Columbia University Graduate School of Journalism, where he served as 2021 class president. His reporting has appeared in NBC News, Nextgov/FCW, Newsweek Magazine, The Independent and more.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing fraudtoday.io, you agree to our use of cookies.