• Sponsored

TSA and Fortinet Federal leaders on the journey to zero trust

Zero-trust security architecture is the new norm for safeguarding federal agencies and their data. However, challenges loom large in aligning with the Administration’s zero-trust mandates, especially as it sets ambitious targets for 2024.

Dan Daly, deputy director for information assurance and cybersecurity for the Transportation Security Administration, and Felipe Fernandez, CTO for Fortinet Federal, recently joined FedScoop to share their insights on the government’s zero trust journey.

One of the primary obstacles Daly highlighted is the intricate process of transitioning from existing legacy environments to the new zero-trust architecture. The federal government’s budgeting process, spanning over five years, poses a significant hurdle, making it challenging to swiftly adjust security postures and budgets to align with the comprehensive zero-trust framework. Despite the executive order allowing a few years for compliance, the practicality of executing this transition within budgetary constraints remains a substantial concern for agencies.

Fernandez emphasized the importance of a cultural shift within federal agencies to ensure successful zero-trust implementation. Executive adoption of zero-trust principles and a collective commitment at all levels are crucial for overcoming inertia and achieving a unified approach to security. The complexity of agency networks, characterized by multiple enclaves with varying degrees of intricacy, further complicates the implementation of a centralized zero-trust approach.

“There’s not just one technical solution for an entire zero-trust principle or set of principles. At times, you’re going to have to get two different solutions, three different solutions, or accept risk in various elements. And that’s just the challenge of where we are,” Fernandez said.

Daly highlighted how TSA has made significant strides in zero-trust initiatives. “Fortunately, our administrator was fully supportive from the beginning, allowing us to secure approval for a resource allocation…This approval gave us the necessary resources to dedicate a team to zero trust, unlike many other agencies that had to divert existing personnel from ongoing cybersecurity responsibilities to adopt this new paradigm.”

Learn more about evolving government security architectures.

This video panel discussion was produced by Scoop News Group, for FedScoop and underwritten by Fortinet Federal.