EO 14028 uncertainty offers opportunities in event logging, zero trust, Part 2 of 2
July 6, 2022 Leave a comment
By Ryan Nelson, Market Intelligence Manager
Uncertainty at the agency level about what constitutes compliance with EO 14028’s requirements regarding event logging (EL) and zero trust architecture (ZTA) offers vendors with those technological capabilities an opportunity to support agencies as they try to meet the demands of the order.
In the first part of this two-part series, we looked at event logging. This time we’ll turn our attention to ZTA.
As mentioned in our first installment, agencies have requested significant funding for the zero trust architecture and event logging requirements in the Executive Order, typically to the tune of $25 million per agency to achieve both goals.
Background
EO 14028, signed on May 12, 2021 contains specific directives to achieve improve agency visibility on network activity and cybersecurity. The Office of Management and Budget (OMB) then released clarifying guidance in memos to define what agencies must accomplish. These include:
- OMB 21-31: Improving the Federal Government’s Investigative and Remediation Capabilities Related to Cybersecurity Incidents
- OMB 22-09: Moving the U.S. Government Toward Zero Trust Cybersecurity Principles
EO 14028 required agencies to demine their strategy for achieving a zero trust architecture within 60 days of release, while OMB 22-09 requires specific security goals be achieved by the end of FY2024.
5 Zero Trust Maturity Model goals
The security goals identified by the OMB memorandum map onto the Zero Trust Maturity Model established by the Cybersecurity and Infrastructure Security Agency (CISA):
- Identity: Agency staff will employ enterprise-managed identities to access the applications they use in their work. Phishing-resistant multi-factor authentication (MFA) will protect those personnel from sophisticated online attacks.
- Devices: The Federal Government will develop a complete inventory of every device it operates and authorizes for government use, and can prevent, detect, and respond to incidents on those devices.
- Networks: Agencies will encrypt all DNS requests and HTTP traffic within their environment and begin executing a plan to break down their perimeters into isolated environments.
- Applications and Workloads: Agencies will treat all applications as internet-connected, routinely subject their applications to rigorous empirical testing, and welcome external vulnerability reports.
- Data: Agencies are on a clear, shared path to deploy protections that make use of thorough data categorization. Agencies are taking advantage of cloud security services to monitor access to their sensitive data, and have implemented enterprise-wide logging and information sharing.
Funding for zero trust architecture and event logging
Congress seems to understand that these ZTA initiatives, as well as compliance with enterprise logging requirements, cannot come without budgetary support. In FY22, Congress funded cyber security spending above the Presidential budget request numbers. The FY23 budget increases cybersecurity spending by 11%, up to $11B for non-DoD cybersecurity.
Because of the uncertain political environment, it is unclear as to when specifically approval for the additional spending will come – although the expectation is that funding for both ZTA and Enterprise Logging will in fact be approved.
Opportunities for vendors
Growing attention in these technological areas will create continued opportunities for vendors that can help agencies navigate their way to compliance. Vendors should stay abreast of developments and further guidance from OMB to ensure they can support their agency clients through these challenging but important initiatives.
Interested in keeping up on the latest IT trends in public sector? Subscribe to immixGroup’s Government Sales Insider blog now!
Need help with your FY23 growth strategy? See how our Market Intelligence team can help you define your targets.
Government Sales Insider 