Insight by Splunk

Trust whom your data tells you to

When a million federal employees suddenly found themselves teleworking, agency tech staffs found they had several problems to solve. If the first one was building and provisioning sufficient infrastructure to support collaboration and access to applications and data, its handmaiden was how to do it all securely. The change in working mode accelerated nearly every agency’s moves to build zero trust architectures in their networks.

The zero trust premise holds that it takes more than a simple user name and password to enable secure access, whether on premises or remotely. It requires continuous identification and authentication throughout even a single session, with algorithms evaluating characteristics of the user – behaviors, IP addresses, authentication factors offered. Zero trust must operate as an orchestrated service, with the ability to monitor its own availability and potential for interruption.

It’s all a data-driven operation. As detailed in this interview with two high-level federal cybersecurity practitioners, zero trust is informed by many data sources. Some are generated by the agency, such as network activity logs. Others come from both government-generated and commercially provided security telemetry, such that users gain trust in the context of what is known about the security environment.

In the video interview moderated by Federal News Network’s Tom Temin, Sean Connelly of the Cybersecurity and Infrastructure Security Agency and Air Force Brigadier General Chad Raduege, the cyberspace and information dominance director at the Air Combat Command, talk about how to gain trust, the data and workflows required, and the organizational constructs that best foster trust.

How the Security Approach Has Morphed

You can enrich your access controls with telemetry, those intel feeds. So when the policy enforcement point is making decisions, it can look at what we know of the adversaries, and what the commercial products know, and decide if this is a trusted user or does this have some of the ways the adversary would be trying to establish trust also.

Cybersecurity Workflows

I think that zero trust, future, this zero trust strategy is all about. It's thinking about the old perimeter security, and it's now thinking about how do you protect the data, whether that's in transit or whether that's at rest.

Featured speakers

  • Sean Connelly

    TIC Program Manager, Cybersecurity and Infrastructure Security Agency

  • Brigadier General Chad Raduege

    Director of Cyberspace and Information Dominance, Headquarters Air Combat Command, U.S. Air Force

  • Tom Temin

    Host, The Federal Drive, Federal News Network
