NSA offers new tips on zero trust and identity – FCW.com

Category: NSA

The National Security Agency has new recommendations on identity, credential and access management security controls and their role in zero trust architecture.

The cybersecurity information sheet, released Tuesday, builds on previous NSA guidance on zero trust with more specifics for what it calls the user pillar focused on managing access.

Although the information is intended for owners and operators of national security systems including defense and intelligence agencies, but also contractors in the space zero trust has been a cybersecurity focus for federal agencies since at least the beginning of the Biden administration.

Government agencies were called to make plans for zero trust architecture in an executive order released by President Biden in May 2021. National security systems also got zero trust orders via a 2022 memo.

The White House defined zero trust as an architecture that requires continuous verification of the operational picture via real-time information in the order, meaning establishing IT systems that both monitor user behavior on networks and segment access in an effort to mitigate potential cyber attacks.

NSAs model delineates zero trust into seven pillars: user, devices, applications & workloads, data, network & environment, automation & orchestration and visibility & analytics.

Within the user pillar, the information sheet details the capabilities needed for zero trust, including identity management, credential management, access management, federation to ensure system interoperability and governance around continuous improvement.

The report goes through capabilities and maturity levels for identity, credential and access management, as well as identity federation, in what it says is a maturation of existing ICAM architecture for federal agencies in line with the zero trust model.

The new information sheet points to recent breaches and cyber attacks done by exploiting weaknesses in identity and access controls. In 2021, the Colonial Pipeline ransomware attack was perpetrated via a compromised password for a virtual private network that didnt have multi-factor authentication in place. The 2015 data breach of personnel records at the Office of Personnel Management occurred via compromised credentials.

Malicious cyber actors increasingly exploit gaps and immature capabilities in the identity, credential, and access management of our nations most critical systems, said Kevin Bingham, NSAs zero trust lead said in a statement. Our report provides recommendations that will help system operators strengthen identity protections to limit the damage of future compromises.

NSA is also planning to release more information sheets meant to help organize, guide and simplify incorporating zero trust principles and designs into enterprise networks, according to the new cybersecurity information sheet.

View post:
NSA offers new tips on zero trust and identity - FCW.com

OpenAI Appoints Former NSA Director Paul Nakasone to Board of Directors - SecurityWeek - June 15th, 2024 [June 15th, 2024]
OpenAI adds former NSA chief to its board - CNBC - June 15th, 2024 [June 15th, 2024]
Former head of NSA joins OpenAI board - The Verge - June 15th, 2024 [June 15th, 2024]
Former NSA Head Joins OpenAI Board and Safety Committee - RetailWire - June 15th, 2024 [June 15th, 2024]
Former NSA head joins OpenAI board and safety committee - TechCrunch - June 15th, 2024 [June 15th, 2024]
Calculated Betrayal: Snowden Slams OpenAI Over NSA Ties - Decrypt - June 15th, 2024 [June 15th, 2024]
OpenAI appoints former NSA chief Paul Nakasone to board - DIGITIMES - June 15th, 2024 [June 15th, 2024]
OpenAI adds former NSA chief Gen. Paul Nakasone to board of directors, Safety and Security Committee - Firstpost - June 15th, 2024 [June 15th, 2024]
OpenAI Appoints Cybersecurity Expert And Retired US Army Genera With NSA Pedigree To Board, Enhancing AI ... - Benzinga - June 15th, 2024 [June 15th, 2024]
OpenAI Adds Former NSA Chief to Its Board and Safety Committee - Tech Times - June 15th, 2024 [June 15th, 2024]
Working with new NSA Director General has been good thus far Bawa Majeed - Citi Sports Online - May 15th, 2024 [May 15th, 2024]
NSA top Trinity Christian to advance to VISAA Division II semifinals - The Suffolk News-Herald - Suffolk News-Herald - May 15th, 2024 [May 15th, 2024]
Former NSA head Paul Nakasone to helm national security institute at Vanderbilt - The Record from Recorded Future News - May 15th, 2024 [May 15th, 2024]
US is still chasing down pieces of Chinese hacking operation, NSA official says - The Record from Recorded Future News - March 18th, 2024 [March 18th, 2024]
6 CISO Takeaways from the NSA's Zero-Trust Guidance - Dark Reading - March 18th, 2024 [March 18th, 2024]
St. John's M.S. in Cyber and Information Security Earns Key NSA Validation - St John's University News - March 18th, 2024 [March 18th, 2024]
NSA girls lacrosse unleash the offense in defeat of First Flight - The Suffolk News-Herald - Suffolk News-Herald - March 18th, 2024 [March 18th, 2024]
Three Things to Know About an NSA Career in 2024 - ClearanceJobs - January 3rd, 2024 [January 3rd, 2024]
Senate votes to confirm Lt. Gen. Timothy Haugh to lead CYBERCOM and NSA/CSS - United States Cyber Command - December 23rd, 2023 [December 23rd, 2023]
NSA Highlights AI, Partnerships in 2023 Cyber Review - MeriTalk - December 23rd, 2023 [December 23rd, 2023]
NSA Blocked 10 Billion Connections to Malicious and Suspicious Domains - SecurityWeek - December 23rd, 2023 [December 23rd, 2023]
Unsanctioned election of new Rugby Ghana board null and void NSA - GhanaWeb - December 23rd, 2023 [December 23rd, 2023]
NSA Publishes 2023 Cybersecurity Year in Review - National Security Agency - December 23rd, 2023 [December 23rd, 2023]
Senate votes to confirm Lt. Gen. Timothy Haugh to lead CYBERCOM and NSA/CSS - National Security Agency - December 23rd, 2023 [December 23rd, 2023]
NSA Reiterates Achievements in AI & Defense Against Russia, China in 2023 Cybersecurity Review - Executive Gov - December 23rd, 2023 [December 23rd, 2023]
How to Make $500 Monthly From NSA Stock - Yahoo Finance - December 23rd, 2023 [December 23rd, 2023]
NSA appoints new Cyber Command head | SC Media - SC Media - December 23rd, 2023 [December 23rd, 2023]
Senate Confirms Biden's Pick To Lead NSA and Military's Cyber Force - The Messenger - December 23rd, 2023 [December 23rd, 2023]
NSA Releases International Cybersecurity Guidance on AI System Development; Rob Joyce Quoted - Executive Gov - December 1st, 2023 [December 1st, 2023]
Guidance for Securing AI Issued by NSA, NCSC-UK, CISA, and ... - National Security Agency - December 1st, 2023 [December 1st, 2023]
The Pannun Affair reveals a penetrated Indian government ... - Bharat Karnad - December 1st, 2023 [December 1st, 2023]
"Unconscionable": Indian Student Held Captive, Forced Into Labour In US - NDTV - December 1st, 2023 [December 1st, 2023]
Tinubu met a bad economy but he's worsening it | TheCable - TheCable - December 1st, 2023 [December 1st, 2023]
Crack a 1999 NSA Cryptography Standard and Win a Bounty - The New Stack - October 23rd, 2023 [October 23rd, 2023]
NSA Cybersecurity Information Sheet Pushes for Zero Trust Security in DOD Devices - Executive Gov - October 21st, 2023 [October 21st, 2023]
Top 10 misconfigurations: An NSA checklist for CISOs - The Stack - October 21st, 2023 [October 21st, 2023]
NSA and Partners Issue Additional Guidance for Secure By Design ... - National Security Agency - October 21st, 2023 [October 21st, 2023]
NSA Shares Recommendations to Advance Device Security Within ... - National Security Agency - October 21st, 2023 [October 21st, 2023]
NSA calls for a 'root and branch' review of Red Tractor - Farmers Guardian - October 21st, 2023 [October 21st, 2023]
Nansemond-Suffolk tennis falls to Norfolk Academy Thursday - The ... - Suffolk News-Herald - October 21st, 2023 [October 21st, 2023]
Israel's NSA warns of US intervention as Gaza conflict escalates - IndiaTimes - October 21st, 2023 [October 21st, 2023]
The U.S. government is still in its Tumblr era. - Slate - October 21st, 2023 [October 21st, 2023]
NSA Releases a Repository of Signatures and Analytics to Secure Operational Technology - HS Today - HSToday - October 13th, 2023 [October 13th, 2023]
NSA releases a repository of signatures and analytics to secure ... - National Security Agency - October 13th, 2023 [October 13th, 2023]
A Flourishing Wildflower: Sandra Seizes the Day at NSA - National Security Agency - October 13th, 2023 [October 13th, 2023]
NSA and U.S. Agencies Issue Best Practices for Open Source ... - National Security Agency - October 13th, 2023 [October 13th, 2023]
Medical societies representing radiology, emergency medicine and ... - Radiology Business - October 13th, 2023 [October 13th, 2023]
Cybersecurity is a team sport; know your position and the defensive ... - University of Nevada, Reno - October 13th, 2023 [October 13th, 2023]
Why only 1% of the Snowden Archive will ever be published - ComputerWeekly.com - October 13th, 2023 [October 13th, 2023]
New NSA center will oversee development and integration of AI capabilities - SiliconANGLE News - October 5th, 2023 [October 5th, 2023]
NSA- and CISA-Led Panel Release Report on Developer and Vendor Challenges to Identity and Access Management ... - HSToday - October 5th, 2023 [October 5th, 2023]
NSA and ESF Partners Release Report on MFA and SSO Challenges - National Security Agency - October 5th, 2023 [October 5th, 2023]
Unexpected Twists, Unified Community: Vivian's NSA Journey - National Security Agency - October 5th, 2023 [October 5th, 2023]
NSA, CIA senior officials address artificial intelligence threats and ... - intelNews.org - October 5th, 2023 [October 5th, 2023]
Food must be at the centre of environmental policy decisions NSA - Meat Management - October 5th, 2023 [October 5th, 2023]
NSA to stand up AI security center - Defense One - September 29th, 2023 [September 29th, 2023]
NSA, FBI, CISA, and Japanese Partners Release Advisory on PRC ... - CISA - September 29th, 2023 [September 29th, 2023]
President Obama's NSA-Modified Cell Phones on Display at the ... - National Security Agency - September 29th, 2023 [September 29th, 2023]
Striving for Excellence: Silvino's Path to an NSA Career - National Security Agency - September 29th, 2023 [September 29th, 2023]
Commissioners, mayor meet with NSA Crane's new commanding ... - Sullivan Daily Times - September 29th, 2023 [September 29th, 2023]
Privacy watchdog fractures over 702 opinion - POLITICO - POLITICO - September 29th, 2023 [September 29th, 2023]
Nic Carter doubles down on theory Bitcoin was invented by NSA - Cointelegraph - September 23rd, 2023 [September 23rd, 2023]
Reality Winner Release Date, Trailer, and More - The Mary Sue - September 23rd, 2023 [September 23rd, 2023]
Cyber Firm Started By Ex-Director Of NSA Prepares For Bankruptcy - Aviation Week - September 23rd, 2023 [September 23rd, 2023]
No special exemption for actions like this: US NSA - IndiaTimes - September 23rd, 2023 [September 23rd, 2023]
New revelations from the Snowden archive surface - ComputerWeekly.com - September 23rd, 2023 [September 23rd, 2023]
Readout of NSA Jake Sullivan's Meeting with CCP Politburo ... - US Embassy & Consulates in China - September 23rd, 2023 [September 23rd, 2023]
NSA to hold webinar on impacts of UK livestock vaccine shortage ... - Agriland.co.uk - September 23rd, 2023 [September 23rd, 2023]
NSA Scotland to host field day at the end of next month - Agriland.co ... - Agriland.co.uk - September 23rd, 2023 [September 23rd, 2023]
Cyber Command, NSA pick advances to Senate floor, but path to confirmation remains blocked - The Record from Recorded Future News - July 30th, 2023 [July 30th, 2023]
Former NSA-er Harry Coker Nominated National Cyber Director - Dark Reading - July 30th, 2023 [July 30th, 2023]
Preventing Web Application Access Control Abuse - CISA - July 30th, 2023 [July 30th, 2023]
Viv takes on double role at NSA North Sheep - The Westmorland Gazette - May 20th, 2023 [May 20th, 2023]
Food security action call as Sunak talks hailed by NSA - The Press & Journal - May 20th, 2023 [May 20th, 2023]
Mother arrested for abandoning baby like 'trash' in US: Reports - NewsDrum - May 20th, 2023 [May 20th, 2023]
EAM holds talks with Swedish PM, NSA in Stockholm - United News of India - May 20th, 2023 [May 20th, 2023]
Sheep farmer hailed for 'unwavering work' in protecting native breeds - FarmingUK - May 20th, 2023 [May 20th, 2023]
Airtel MD on 5G rollout: Not in a maniac rush to compete on the number of sites - Times of India - May 20th, 2023 [May 20th, 2023]
Personal injury + the No Surprises Act - Chiropractic Economics - May 20th, 2023 [May 20th, 2023]
NSA Gives Assessment of Cyber Threats from Russia, China, and AI - Data Center Knowledge - May 6th, 2023 [May 6th, 2023]

March 20th, 2023

No comments yet

Comments are closed.

Mediaboss Marketing

NSA offers new tips on zero trust and identity – FCW.com

About

Pages

Categories

Media Sites

Recommended Sites

Archives