The Biden Administration has just launched a new cybersecurity framework for federal agencies that will better position the government toward a “zero trust” security model.
The 30-page plan lists dozens of steps federal agencies must take over the next two years to secure systems and minimize security risks.
Government agencies were given until the end of the 2024 budget year to implement many of the measures in the plan, including stricter network segmentation, multi factor authentication, and widespread encryption. Departments have 60 days or 120 days to appoint leads to implement the measures and classify information according to sensitivity.
The White House said the growing threat of major cyberattacks “underscored that the Federal Government can no longer depend on conventional perimeter-based defenses to protect critical systems and data.”
The White House published a first draft of the strategy in September last year. Now, the final draft contains insights from cybersecurity experts, companies and non-profit organizations.
Director Jen Easterly of the Cybersecurity and Infrastructure Security Agency (CISA) said zero trust was a key element to modernize and strengthen the government’s defenses.
Many organizations welcomed the move and said the federal government urgently needed to update its security and do more to keep vital systems safe.