General Dynamics’ (NYSE: GD) information technology business has conducted a survey regarding efforts at federal civilian and defense agencies to implement zero trust cybersecurity policies in accordance with President Biden’s May 2021 executive order.
The “Agency Guide to Zero Trust Maturity” study polled 300 government officials to gauge where their departments stand in meeting the EO’s end-of-fiscal-year 2024 security goals, General Dynamics Information Technology said Wednesday.
“This zero trust report shows that federal agencies are making great progress to strengthen their cybersecurity defenses,” said Matthew McFadden, vice president of cyber at GDIT.
According to the EO, zero trust fundamentals must be meted out across an agency or business and need to be accepted and promoted uniformly by senior-level executives and IT stakeholders, McFadden went on to explain. This will enable “cyber resiliency and supports the organization’s mission.”
Some of the survey’s findings were that a majority (63%) of respondents feel their agencies will meet the 2024 goals for requirements or be early; an overwhelming majority (92%) strongly believe their agency has the capability to defend against cyber attacks; and a large segment of those polled have instituted a formal zero trust policy (76%) with a smaller amount but still majority (52%) in the implementation phase.
However, GDIT found that some agency officials harbor doubts and concerns for the remaining year and a half of reformations.
Over half of those surveyed (58%) felt that a looming hurdle to overcome was reconstructing or outright replacing existing legacy infrastructure. 50% of respondents claimed they are struggling to figure out the technology they need to utilize and just under half of those polled (48%) reported lacking faith in their agencies’ IT staff expertise to make the necessary changes.
“Agencies know they can’t bolt on zero trust, so they must decide to rebuild or replace systems. That requires additional spending on top of investing in zero trust. Agencies have to make some hard decisions,” John Sahlin, cyber solutions director of GDIT’s defense division, elaborated.