Best listening experience is on Chrome, Firefox or Safari. Subscribe to Fed Tech Talk’s audio interviews on Apple Podcasts or PodcastOne.
This week on Federal Tech Talk, Dr. Chase Cunningham, from Forrester, joins host John Gilroy to talk about cybersecurity. He was invited because four of my most recent guests quoted one of his articles. After doing some investigating, it was for a good reason.
Dr. Cunningham spend 13 years as a cryptologist at the National Security Agency. Seems like an auspicious beginning for a subject matter expert on information security. If you combine that with a Ph.D. in computer and information systems security/information assurance you have the makings of a great guest. Currently, he is disseminating his knowledge by working as a principal analyst for well-known Forrester.
When asked to set priorities for federal information professionals, he said it was important to start with identification. His informal survey of threats all seems to have identification as one of the core problems.
From there, Dr. Cunningham indicated that he endorses the concept of Zero Trust. Most folks know that the idea of Zero Trust originated with a Forester analyst over a decade ago. Recently, the concept has gained steam and was a trending topic at the most recent RSA Conference.
The key is to have granular control over all assets on the network. Because there are a variety of platforms and tools to accomplish this task, Dr. Cunningham suggests that cyber professionals can learn a lesson from the agile development crowd — set up a virtual environment to test the efficacy of any system that allows detailed control.
This is called a Virtual Reference Platform and is heartily endorsed by Dr. Cunningham and Forester. If you would like to learn more about setting up a virtual platform to test Zero Trust concepts, you may want to attend the Forrester event in September called Security & Risk 2019 held at National Harbor.