Identifying key sensitive datasets that make up the “crown jewels” of each agency is key to federal agencies’ successful implementation of zero-trust architecture, according to a senior technology official at the Bureau of Labor Statistics.
Speaking Thursday at the Zero Trust Summit, hosted by CyberScoop, Zero Trust Architect Robert Holstein said the ability to discriminate between assets is crucial to allow the efficient use of resources.
“It’s being able to inventory and have the visibility and analytics to identify your datasets. What is really the crown jewels?” he said
Holdstein added: “Without the visibility and ability to sort through that [data] and categorize it in a meaningful way, you’re going to spend a lot of money and a lot of time on whether to protect it or not.”
Under the final version of the White House’s zero-trust architecture strategy, which was issued last year, federal agency chief data officers were required within 120 days to develop a set of initial categorizations for sensitive electronic documents within their departments that could be used to automatically monitor and restrict the sharing of sensitive documents.
Managing large sets of data can prove challenging for agencies because of the competing priorities to make government-collected statistics available for researchers and the public, while also protecting information that may have implications for national security.
The Department of Energy, for example, has worked to increase the availability of data to scientists for cutting-edge research while also protecting some of the most sensitive U.S. government information, including that related to nuclear programs.