Duration: 1 hour
Cost: No Fee

The Cybersecurity and Infrastructure Security Agency is helping agencies with crucial identity, credential and access management capabilities through its Continuous Diagnostics and Mitigation program, among other efforts.

Ross Foard, ICAM subject matter expert at CISA, says the cyber agency been developing strong authentication measures for agencies through the CDM program since 2017. The program has helped agencies develop a master user record that gives them a “comprehensive list or repository of all their users,” Foard said.

Those tools were developed for legacy environments initially, and with many agencies now modernizing and moving to cloud computing services, Foard said CDM is modernizing its master user record tools.

“These capabilities will be extended to be able to help CFO Act agencies move to the cloud,” Foard said.

While agencies have typically used the Personal Identity Verification (PIV) cards to authenticate users, agencies are also exploring new authentication mechanisms, like single sign-on technologies. Such capabilities have been encouraged by the Office of Management and Budget through the federal zero trust strategy.

“The really important point about these new single sign-on services that are cloud-based is they operate on modern protocols,” Foard said. “And those modern protocols are very important because they allow you to identify the strength of the person authenticating, but even after that, it differentiates between how that person gets access to different applications. It doesn’t replay a password. You have specific assertions that are sent to an application. And you can send with those assertions specific information about the user to make sure that you know what he can do when he gets those applications. So this modernizing of these protocols is really very important.”

In the past, agencies have relied on manual processes to allow privileged access to networks, sometimes resulting in overprovisioning, according to CyberArk Senior Director Bryan Murphy.

“When you move this to an automated process, it becomes very auditable,” Murphy said. “We can make sure that we’re compliant. We know when things are happening. We can trigger on the different things that happen. And it seems that we’ve shifted from years past, where we felt the manual control was the gatekeeper to keep the attackers away, where in reality, we need to leverage the artificial intelligence that we have and a lot of the automation we can put in place. Because these attackers aren’t working on our systems or accessing our systems during normal hours. They’re not very loud when they’re in our systems, and we’ve got to make sure that we constantly have protections that are looking at and sniffing out these types of scenarios.”

Modern protocols and automation are key facets of OMB’s federal zero trust strategy. Agencies are now working toward implementing zero trust on their networks by the end of fiscal 2024.

“We know that people and devices are all over the place,” Foard said. “And that should not be a barrier to getting access to services. You just need to make sure that the devices are known and secure, and the people are known and secure when you give them access to those services.”

Learning objectives:

• ICAM overview at CISA
• How ICAM factors into zero trust
• Industry analysis

Complimentary Registration
Please register using the form on this page or call (202) 895-5023.