May 2021, President Biden issued an executive order on federal cybersecurity. This order details ways to improve the nation’s cybersecurity by raising national standards. Options outlined by the order include removing barriers to shared cyber threats between federal contractors, modernization of federal cybersecurity, and much more.
A fundamental tenet of this call for modernization is mandating an advancement towards Zero Trust Architecture. A Zero Trust policy for organizations calls for companies to structure their cybersecurity around the assumption that devices within a network cannot be trusted. Traditionally, cybersecurity networks operate under the premise that every device within a network can be authorized.
The order gave each federal agency 60 days to develop a plan to implement Zero Trust Architecture. Zero Trust Architecture entails implementing measures like multi-factor authentication, inspecting and logging all web traffic, and moving to a constant verification model.
Multi-factor authentication only allows access to a system after a user presents more than one form of identification. Typically, this entails entering a code to verify identity sent to an authorized device or account, like a text message or email. This code prevents someone from gaining access to multiple networks from stealing a pre-authorized device.
These measures combine to meet the need to abandon the traditional model of trusting existing devices within your network. The big question if you and your business don't deal with federal contracts is why you should care? After all, even Biden noted in an August press briefing that the executive branch could not force private companies to meet specific cybersecurity requirements.
It's important to remember that the federal standards lead the charge on best practices. If your private business doesn’t comply early, you may be caught unaware and be forced to scramble to meet requirements. Even now, insurance companies are enforcing multi-factor authentication for businesses as an insurance requirement.
Biden’s executive order also represents a business opportunity. Federal agencies will need to update old systems and implement new approaches to comply with the push to move toward Zero Trust Architecture. The need for new technology means opportunities for IT contractors and agencies to help during the transition period with new jobs and new projects.
Finally, Zero Trust Architecture is just good for your business. According to Comparitech, cyber attacks cost the American government $18.88 billion in 2020 alone. With the rising cost of cybercrime, companies can’t afford to be unprotected.