Stephen Kovac, vice president of global government and head of corporate compliance at Zscaler, has said that agencies must use new security approaches like zero trust to fortify multicloud and hybrid environments.
Kovac wrote in an opinion piece published Monday on FCW that agencies must align their approaches with the Cybersecurity and Infrastructure Security Agency“™s Trusted Internet Connections 3.0 guide to ensure flexibility as the remote workplace shifts to scalable networks that support cloud-based operations.
He noted that the TIC 3.0 and National Institute of Standards and Technology“™s requirements for zero-trust implementation promote the use of “trust zones“ that agencies can deploy for various use cases.
Trust zones can secure identity and access management functions while bringing security closer to access points in nontraditional environments, said Kovac.
However, agencies must implement customized zero-trust approaches based on specific mission needs, he noted.
“Going forward, government network managers should continue to align security to users and data,“ Kovac said “To innovate, and make real progress, agencies need pilot programs and they need funding.“