Event Recap: Zero Trust Implementation Lessons Learned

“In 2010, over 90-% of data was held in local server. . . By the end of 2025, there is expected to be 50% of the world’s data stored in the cloud” . . . “What we’re doing with the Zero Trust (ZT) work is emulating how we function as people in society,” says Ian Leatherman with Microsoft. He asks (rhetorically), do we as people live in castles anymore?” And continues, “the answer is no, so why are we building our computer systems that way?” To date, agencies have generally focused on collecting as much data from as many sources as possible. This practice isn’t effective, according to Trellix’s Wilson Patton who says that “what we need to do is shift the common goal of ‘Collect Everything’ to ‘Intelligent Action’ and get “the different tools, often from various vendors to communicate and cooperate effectively.” Netskope’s CxO Advisor, Macy Dennis, adds that in order to take ZT “to the next level”, agencies must consider “ease of use, ease of deployment. . .that individuals at all levels can learn and utilize.” During this 3-hour virtual workshop, subject matter experts gathered for a comprehensive discussion on ZT that included the following topics:

• Why cybersecurity culture must be based on Zero Trust
• Misconceptions and facts about Zero Trust and its benefits
• The 5-step ZT implementation model, and its guiding principles and challenges
• DoD ZT Strategy from 2022
• DAY Training Offerings and DoD ZT Symposium
• Common imperatives and solutions across federal agencies
• View of the Netskope Zero Trust Engine
• The Navy’s journey with their Zero Trust Implementation, Flank Speed
• How the Navy customized their IT system to accommodate remote working
• How the GenAI-powered, Trellix platform specifically addresses challenges
• MITRE’s ZT pillars, capabilities and themes
• Advice for agencies who are modernizing information governance by integrating governance structures and layering in AI