Officials behind the Air Force’s marquee cloud development platform are planning to help customers with the daunting first steps toward a “zero trust” security posture.
The Defense Department and the rest of the federal government have a mandate to adopt zero trust in the coming years. The Air Force’s Platform One is trying to simplify that journey for its customers by embedding some zero trust capabilities into the custom software factories it builds through its “Big Bang” offering.
“Instead of trying to look at the maturity model, seeing the many things that you have to do, and getting overwhelmed thinking you have to eat the elephant all at once, eat it a little bit at a time,” Kevin Twibell, the chief information security officer for Platform One, said on a “Speeding Up The Move To Zero Trust” panel.
“Let’s start with what is your system doing or not doing? What’s your code doing or not doing?” Twibell continued. “It’s not just the infrastructure that’s zero trust. It’s what your application is doing or not doing or supposed to be doing. So that’s why we want to embed all of that, we want to be able to build a better Big Bang that people can deploy and get a notable value out of and those people also talk back to us again, that open source community, talk to us, let us know how it went.”
Platform One is also looking at scaling the Cloud Native Access Point, or CNAP, which provides secure, authorized access to Defense Department resources in a commercial cloud environment.
“How does this scale? How does this go to protect other DoD systems?” Twibell said. “How do we continue to evolve that? How do we continue to integrate a better [identity credentialing and access management] into it? How do we look at more data tracking or tagging that can be embedded into each one of those features? So between those two programs and more on the back end, we’re constantly trying to embed zero trust. We need to utilize those services. When you deploy them, you’re getting a piece of that. So it’s less that you have to figure out on the back end for your infrastructure.”
The U.S. Patent and Trademark Office, meanwhile, has been designated as one of the key customer service providers by the Biden administration. That means Jamie Holcombe, the chief information officer at USPTO, has to be especially concerned about protecting the patents and other data that traverse his agency’s networks.
“It’s really essential that we know who’s coming in, and we authenticate that,” Holcombe said, adding that the agency is introducing multifactor authentication for its users. “We’re forcing our new users to authenticate.”
One facet of zero trust is assuming your network will be breached, and architecting it accordingly, so attackers can’t move laterally once they break in. But it can be a surprising exercise for organizations to actually map the dependencies and connections within their enterprise, according to Gary Barlet, the federal chief technology officer at Illumio.
“They suddenly realize, ‘Hey, why does my web front end have a connection to my database that’s not supposed to be there?’” Barlet said. “And it’s amazing the number of people that discover that they’ve got all these interconnections that they were never aware of. So we encourage people to go in, get that visibility, and then start turning those connections off. If a web interface doesn’t need to talk to a database server, then you shut down those ports and protocols that are being used for that communication.”