Page 25 - Cyber Defense eMagazine March 2024
P. 25
Why Cyber Resilience Aligns with Zero Trust
Federal agencies are leaning hard toward adopting Zero Trust security architectures under mandate to
do so from the President’s 2021 Executive Order on Improving the Nation’s Cybersecurity, as well as
other guidance. They also need to do so, as Zero Trust is proving a robust means of keeping cyber-
attackers at bay.
When it comes to cyber resilience, adopting a Zero Trust mentality and architecture is an excellent place
to start. Zero Trust assumes that access and networking within an organization can never be trusted. It
calls for users, devices, and systems to be authenticated first before connecting, and then re-verified at
multiple points before accessing networks, systems, and data.
For those transitioning to a Zero Trust architecture, CISA’s Zero Trust Maturity Model offers a framework
of five foundational pillars covering: Identity (and access), Devices (e.g., Bring Your Own Device policies),
Networks, Applications, and Data. It then builds in Governance and Analytics, to help measure, monitor,
and develop automations to assist with fatigue and mistakes that result from manual updates.
This level of cybersecurity in turn gives a firm grounding to cyber resilience, by preventing many of the
most common attacks before they can infiltrate or impact critical data and systems. Again: cyber security
and cyber resilience go hand in hand.
As the federal government pursues Zero Trust goals, it should view this effort as a foundation for an
expanded view of what security entails. Zero Trust is the bedrock upon which to move beyond mere
defense and to layer in cyber resilience so agencies can meet the main objective of security: operational
continuity.
Like cybersecurity, cyber resilience is a means to an end. Both look to safeguard critical data and
systems, but cyber resilience takes it one step further. Recognizing that even the best defenses can be
breached, cyber resilience looks to ensure that agencies can continue to meet the needs of citizens and
stakeholders, uphold national security, and accomplish the myriad other vital tasks of government,
regardless of what the bad actors may try next.
About the Author
Amanda Satterwhite, Managing Director of Cyber Growth & Strategy at
Accenture Federal Services, is responsible for growth, innovation, and go-to-
market strategy. Satterwhite leads cyber mission and enablement for the
company’s National Security Portfolio, managing a team responsible for creating
cutting-edge solutions for national security missions.
Amanda can be reached online at https://www.linkedin.com/in/mandysatterwhite
and via the company website https://www.accenture.com/us-en/industries/afs-
index
Cyber Defense eMagazine – March 2024 Edition 25
Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.