3rd Party Risk Management , Access Management , Governance & Risk Management

Sound Off: What Does the OMB Zero Trust Strategy Get Right?

John Kindervag, Creator of Zero Trust, Sounds Off on New Federal Strategy
John Kindervag, creator of Zero Trust and senior vice president of cybersecurity strategy, ON2IT

"Sound Off" is a new video series the explores one topic, in depth, with information security and privacy leaders.

See Also: Conversational Cyber Insurance: How Cybersecurity and Cyber Insurance are Interwined

On this week's "Sound Off," we ask John Kindervag, the founder of Zero Trust, for his reaction to the recently released Office of Management and Budget federal strategy to move the U.S. government toward a mature Zero Trust architecture.

Kindervag sees the OMB's move as a positive one. "I think the significance is that they've come out and called it a strategy and they've understood the strategic resonance of Zero Trust. Too many people can't see the strategic value of it," he says.

But he includes a word of caution. "People need to understand that Zero Trust isn't something that's binary, that you suddenly flip a switch and your whole environment is a Zero Trust environment. You have to do it in small chunks," he says. He advises organizations to "start with one single, protect surface" in order to "shrink the attack surface to something very small and easily known."

In this episode of "Sound Off," Kindervag discusses:

  • The significance of the OMB strategy;
  • What it gets right and obstacles to avoid;
  • What it portends for the second decade of Zero Trust.

Kindervag is senior vice president of cybersecurity strategy and an ON2IT Group Fellow at ON2IT Cybersecurity. Previously, he was field CTO at Palo Alto Networks. Earlier, while working at Forrester Research, where he was a vice president and principal analyst on the security and risk team, he created the Zero Trust model. He also previously served as a security consultant, penetration tester and security architect.

About the Author

Anna Delaney

Anna Delaney

Director, ISMG Productions

An experienced broadcast journalist, Delaney conducts interviews with senior cybersecurity leaders around the world. Previously, she was editor-in-chief of the website for The European Information Security Summit, or TEISS. Earlier, she worked at Levant TV and Resonance FM and served as a researcher at the BBC and ITV in their documentary and factual TV departments.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.