EO 14028 uncertainty offers opportunities in event logging, zero trust (Part 1 of 2)
June 30, 2022 Leave a comment
By Ryan Nelson, Market Intelligence Manager
The Executive Order on Improving the Nation’s Cybersecurity, along with timelines and compliance guidance from the Office of Management and Budget (OMB), is causing some confusion among agencies as to what actually constitutes compliance. Agencies have requested significant funding for zero trust architecture (ZTA) and event logging (EL) requirements in the Executive Order, often around $25 million per agency to achieve both goals.
Vendors that can help agencies comply with the order and meet OMB’s timelines will be of extreme interest to these organizations.
Background
Signed on May 12, 2021, EO 14028 contains specific directives to achieve improve agency visibility on network activity and cybersecurity. The Office of Management and Budget (OMB) then released clarifying guidance in memos to define what agencies must accomplish. These include:
- OMB 21-31: Improving the Federal Government’s Investigative and Remediation Capabilities Related to Cybersecurity Incidents
- OMB 22-09: Moving the U.S. Government Toward Zero Trust Cybersecurity Principles
EO 14028 requires agencies to determine their strategy for achieving a zero trust architecture within 60 days of release, while OMB 22-09 requires specific security goals be achieved by the end of FY24.
Read more of this post