3rd Party Risk Management , Access Management , Governance & Risk Management
Sound Off: What Does the OMB Zero Trust Strategy Get Right?John Kindervag, Creator of Zero Trust, Sounds Off on New Federal Strategy
"Sound Off" is a new video series the explores one topic, in depth, with information security and privacy leaders.
See Also: LIVE Webinar | Stop, Drop (a Table) & Roll: An SQL Highlight Discussion
On this week's "Sound Off," we ask John Kindervag, the founder of Zero Trust, for his reaction to the recently released Office of Management and Budget federal strategy to move the U.S. government toward a mature Zero Trust architecture.
Kindervag sees the OMB's move as a positive one. "I think the significance is that they've come out and called it a strategy and they've understood the strategic resonance of Zero Trust. Too many people can't see the strategic value of it," he says.
But he includes a word of caution. "People need to understand that Zero Trust isn't something that's binary, that you suddenly flip a switch and your whole environment is a Zero Trust environment. You have to do it in small chunks," he says. He advises organizations to "start with one single, protect surface" in order to "shrink the attack surface to something very small and easily known."
In this episode of "Sound Off," Kindervag discusses:
- The significance of the OMB strategy;
- What it gets right and obstacles to avoid;
- What it portends for the second decade of Zero Trust.
Kindervag is senior vice president of cybersecurity strategy and an ON2IT Group Fellow at ON2IT Cybersecurity. Previously, he was field CTO at Palo Alto Networks. Earlier, while working at Forrester Research, where he was a vice president and principal analyst on the security and risk team, he created the Zero Trust model. He also previously served as a security consultant, penetration tester and security architect.