Zero-Trust Cybersecurity as a Priority

This post is also available in: עברית (Hebrew)

The US government has been prioritizing zero-trust cybersecurity. Zero trust security asserts that devices should not be trusted by default, even if they are connected to a managed corporate network. The model advocates mutual authentication.

The Biden administration publicly announced six of seven federal technology projects to be awarded funding through the Technology Modernization Fund (TMF). Half of the awards announced publicly went to zero trust cybersecurity projects, with no funding going directly to pandemic response tech. One project remains classified.

The awards for zero trust follow the congressional mandate to focus TMF spending on critical cybersecurity issues in the wake of major software supply chain breaches — and recent guidance from the Office of Mangement and Budget OMB and the Cybersecurity and Infrastructure Security Agency on implementing zero trust architectures.

The TMS received a major injection of $1 billion as part of the American Rescue Plan passed earlier this year over the backdrop of the pandemic.

According to nextfov.com, while the TMF Board leaned hard into cybersecurity awards, the body did not pick any projects aligned with the other congressional focus for the money: pandemic response. The funding — allocated to the TMF as part of the second COVID-19 stimulus package—was granted, in part, to fund critical technology needs brought to light by the pandemic, including tracking and analyzing health data, as well as the IT agencies use to ensure businesses and people get monetary and other assistance they need.