The Cybersecurity and Infrastructure Security Agency has been at the center of many of the White House’s cyber initiatives, policies and executive orders within the past few years. Now, just after the one year anniversary of President Biden’s executive order on cybersecurity, CISA is focusing on zero trust, modernization and workforce development.
However, these efforts are posing challenges to CISA and other federal agencies as they work to keep up and align with the government’s broader national cybersecurity strategies. CISA’s Chief Information Officer, Bob Costello, said outdated technology is one hurdle standing in the way of adopting zero trust for many agencies.
“In some cases we have technical debt, which means older systems that either do not easily fit into a zero trust model or have a very high maintenance cost, and maybe those programs are not necessarily funded to do a lot of modernization,” Costello said during a video interview with Executive Mosaic.
The other two major components of the zero trust challenge, Costello outlined, are fractured identity credentialing services and cultural barriers.
Ultimately though, CISA and other agencies are seeing progress.
“We’ve really improved our ability to do logging from our systems and improved monitoring,” he explained. “We’ve deployed enhanced endpoint detection and response capabilities.”