Last year, two months into the pandemic, the White House published an executive order mandating that all federal agencies plan their transition to a zero-trust model—a cybersecurity posture in which no actor or network is implicitly trusted.
Now, the Department of Defense (DoD) has announced plans for enterprise-wide zero trust architecture by 2027.
Many assume that this is limited to unclassified networks, but zero trust has an equally critical role to play within classified networks.
Most assume that our classified networks, which are physically isolated and protected from the internet and other unclassified networks, are safe by design because they employ multiple security protection mechanisms.
One such mechanism is the use of virtual private networks, or VPNs.
VPNs grant excessive implicit trust to segmented networks within a network. Classified networks may seem safe, as it’s difficult to gain access to them in the first place. But additional protection should still exist within these networks. That’s where zero trust comes in.
Zero trust network access (ZTNA) is smarter, tighter, and more tailored than VPNs. It should be the norm for all networks, including classified networks, going forward.
Say Goodbye to VPNs
Imagine the following scenario: An employee of an intelligence agency is temporarily assigned to another agency and needs access to their home classified network remotely. The standard way to do so is with a VPN, which offers full access to the network in question.
Even though the network is classified, this can open the door to vulnerabilities. Once a user is in, they’re in. They can access and probe every machine on the network.
With zero trust network access, the permissions are much more granular.
ZTNA combines strict identity verification with explicit permission requirements for every person or entity attempting to access network resources. This allows agencies to tightly control the security of classified information as it passes from one connection point to another.
Instead of gaining access to every machine, the user only gains access to the machines they need—and is denied visibility beyond.
It’s natural to think classified networks are as safe as possible. But the reality is that ZTNA is still safer. Even programs within these classified networks—which rely on VPN technology to segregate access—can be leveled up by transitioning to ZTNA instead.
(Learn More from Senior Information Officer and Deputy CIO at the Department of Defense, David McKeown, as he details the three paths to implement #ZeroTrust throughout the entire department. One approach works with cloud service providers at all classification levels, which will be automatically covered in zero trust. Courtesy of Forcepoint and YouTube.)
The Benefits of Zero Trust
Zero-trust network access offers government agencies that are processing classified data many benefits, starting with better control of their resources. Highly granular access creates a more detailed audit trail—one that’s not possible when users come through a VPN.
Once again, users can only access the specific data they’ve requested, as opposed to the entire classified network, as would be the case with a VPN connection.
Throughout the exchange, data moves through a multistep security process tailored on a case-by-case basis.
With ZTNA, agencies can also constantly evolve and adapt their cybersecurity posture to fit the needs of their users.
VPNs, on the other hand, simply let users through. Less adaptation is possible.
In addition to offering more granular security, zero-trust network access is more seamless and streamlined. Users don’t have to log in to a portal like they do with a VPN, much less worry about a lag. Instead, ZTNA is “always on.”
The Bottom Line
The National Security Agency (NSA) has already warned of VPN vulnerabilities. Of course, it can be tempting to assume that classified and top-secret networks are inherently safe. But with security, there is no ceiling. ZTNA can make classified networks even more secure.
Even at the classified level, ZTNA is preferable, as it offers more granular security and greater peace of mind.
The intelligence community can start transitioning to ZTNA by embracing the concept of least privilege. Users, in addition to being verified, should be granted as little access as possible in the name of security. To that end, multifactor authentication is a key part of zero trust, ensuring that only authenticated and authorized entities can access data.
The bottom line is that there’s simply no need to offer wide-open access of VPNs, when zero-trust architecture is available.
To Learn More, please visit Forcepoint’s “Future Insights for 2023” HERE, and a podcast series from Forcepoint titled “To the Point Cybersecurity,” HERE.
About the Author
As the Chief Technology Officer (CTO), of Global Governments and Critical Infrastructure at Forcepoint, George Kamis works closely with Information Assurance industry leaders, government executives, and the Forcepoint executive management team to help guide their long-term technology strategy and keeps it aligned with federal and industry requirements.
By leveraging his over 25 years of experience in Cyber and Cross Domain Solutions, he has helped lead Forcepoint (previously, Raytheon|Websense, Raytheon Cyber Products, and Trusted Computer Solutions) to the forefront of Cyber and Cross Domain product development.
Before Mr. Kamis’ role as CTO, he served as Vice President of Engineering for 10 years at Trusted Computer Solutions and ran both the Professional Services and Development organizations. Raytheon acquired Trusted Computer Solutions in 2010. Raytheon Cyber Products was established in 2014. Raytheon|Websense was created as a joint venture in 2015. Forcepoint was created in January 2016.
Before Trusted Computer Solutions, Mr. Kamis worked for the US Naval Research Laboratory, Center for High Assurance Computer Systems, and developed multilevel secure systems for the Navy. He was also involved with the testing and deployment of US Navy communication security devices.
He holds a degree in Electrical Engineering with honors from West Virginia University, and holds active memberships in both the Institute of Electrical and Electronics Engineers (IEEE) and the Armed Forces Communications and Electronics Association (AFCEA).
Mr. Kamis is also an active member of the Technology Committee for the Fairfax County Federal Credit Union and consults on information technology and cyber security-related matters.
To learn more about Forcepoint’s government cybersecurity solutions please visit https://www.forcepoint.com/security/government-security.
Forcepoint Takes Home the Gold in 2022 ‘ASTORS’ Awards Program
American Security Today’s Annual ‘ASTORS’ Awards is the preeminent U.S. Homeland Security Awards Program, and now entering it’s Eighth Year, continues to recognize industry leaders of Physical and Border Security, Cybersecurity, Emergency Preparedness – Management and Response, Law Enforcement, First Responders, as well as federal, state and municipal government agencies in the acknowledgment of their outstanding efforts to Keep our Nation Secure.
Best Phishing Defense Solutions
Forcepoint is leading the shift from outdated and ineffective malware and ransomware detection strategies to a proven prevention strategy rooted in Zero Trust principles.
With its Zero Trust Content, Disarm, and Reconstruction (ZT CDR) solution, Forcepoint gives IT and security teams a fresh new way to proactively protect their organization from ever-increasing malware and ransomware threats.
Forcepoint ZT CDR differentiates itself from traditional security inspection solutions by, instead of trying to detect the presence of malware; it assumes nothing can be trusted. It extracts only valid business information from files – either discarding or storing the originals and any malware they might contain – and then builds brand new, fully functional files to carry the information to its destination.
Pivoting from detection to prevention in this way is especially important with the recent evolution in hybrid workforces and digital transformation, and their resultant usage of content and electronic information everywhere.
By leveraging a data-first approach to malware threat removal, ZT CDR is revolutionary for mitigating the threat of compromised data that could lead to breaches.
(It’s no secret that much of the world’s malware and ransomware makes its way to organizations through infected files. See briefly how Zero Trust Content Disarm and Reconstruction (CDR) strips malware from office documents, images, and PDFs to end Zero Day malware. Courtesy of Forcepoint and YouTube.)
*Forcepoint was also a recognized in the 2021, 2019, and 2018 ‘ASTORS’ Homeland Security Awards Programs respectively.
Homeland Security remains at the forefront of our national conversation as we experience an immigration crisis along our southern border and crime rates that are dramatically higher than before the Pandemic across the United States.
These challenges have become a national priority with an influx of investments in innovative new technologies and systems.
Enter American Security Today, the #1 publication and media platform in the Government Security and Homeland Security fields, with a circulation of over 75,000 readers and many tens of thousands more who visit our AST website at www.americansecuritytoday.com each month.
The pinnacle of the Annual ‘ASTORS’ Awards Program is the Annual ‘ASTORS’ Awards Ceremony Luncheon Banquet, an exclusive, full-course plated meal event, in the heart of New York City.
This year’s exclusive sold-out ‘ASTORS’ luncheon featured representatives of law enforcement, public safety, and industry leaders who came together to honor the selfless service of those who stand on the front lines, and those who stand beside them – providing the capabilities and technologies to create a safer world for generations to come.
This year marks the 20th anniversary of the Department of Homeland Security (DHS), which came out in force, to discuss comprehensive collaborations between private and public sectors that have led to the development of intelligence and technologies which serve to protect our nation.
The continually evolving ‘ASTORS’ Awards Program emphasized the trail of Accomplished Women in Leadership in 2022, as well as the Significance and Positive Impact of Advancing Diversity and Inclusion in our Next Generation of Government and Industry Leaders.
The keynote address was provided by U.S. Customs and Border Protection (CBP) Office of Field Operations (OFO) Deputy Executive Assistant Commissioner (DEAC) Diane Sabatino, who described the changes to CBP through the tragedy of 9/11 and the relentless commitment to its mission and ongoing investment in the latest technologies and innovations to protect our borders and Homeland.
The resounding theme of the DEAC’s remarks was her pride in the women and men of the CBP and their families who support them.
AST was also joined by Legendary Police Commissioner William Bratton, who spoke, as always, about his love for the City of New York, the Profession of law enforcement to which he has dedicated his life, and for which he continues to drive thought leadership and innovation.
New York City Police Department (NYPD) Chief of Department Kenneth Corey, came out to address Luncheon attendees and shared some of his experiences and the changes in policing he’s witnessed over his more than three decades of service.
FDNY Chief Joseph Jardin honored the men and women of the FDNY, not only those who currently serve but all of those who have selflessly served, with a special recognition of those lost on 9/11.
Chief Jardin spoke about the continuing health battle of many following 9/11 with cancer and respiratory disease, yet now knowing the full consequences, would not have made a different decision to respond.
As Chief Jardin noted, mission-driven service is in the lifeblood of every firefighter, volunteer and sworn and has been so throughout the history of the Fire Service.
Former head of the FBI’s active shooter program, Katherine Schweit joined AST to sign complimentary copies of her book, ‘STOP THE KILLING: How to End the Mass Shooting Crisis,’ thanks to the generosity of our 2022 ‘ASTORS’ Awards Sponsors.
The 2022 ‘ASTORS’ Awards Program was Proudly Sponsored by NEC National Security Systems (NSS), ATI Systems, Automatic Systems of America, guardDog AI, Fortior Solutions, IPVideo Corporation, Rajant Corporation, RX Global, and SIMS Software!
We were pleased to welcome the esteemed New York City Fire Department (FDNY); the New York City Police Department (NYPD); and the NYC Hospital Police, as well as Executive Management from the U.S. Cybersecurity and Infrastructure Security Agency (CISA), and many other DHS agencies, Federal law enforcement agencies, and private/public partnerships such as the National Association of Women Law Enforcement Executives (NAWLEE), the 30×30 Initiative, a coalition of professionals advancing the representation of women in policing; and Operation Lifesaver, Inc. (OLI) (rail safety advocates).
The prestigious Annual ‘ASTORS’ Homeland Security Awards Program highlights the most cutting-edge and forward-thinking security solutions coming onto the market today, to ensure our readers have the information they need to stay ahead of the competition and keep our Nation safe – one facility, street, and city at a time.
In 2022 over 240 distinguished guests representing Federal, State, and Local Governments, and Industry Leading Corporate Firms gathered from across North America, Europe, and the Middle East to be honored among their peers in their respective fields.
Each year, to keep our communities safe and secure, security dealers, installers, integrators, and consultants, along with corporate, government, and law enforcement/first responder practitioners, convene in New York City to network, learn and evaluate the latest technologies and solutions from premier exhibiting brands at ISC East, the Natural Disaster & Emergency Management Expo (NDEM EXPO), and the ASIS NYC Expo.
ISC East is the Northeast’s leading security & public safety event, hosted in collaboration with sponsor Security Industry Association (SIA) and in partnership with ASIS NYC.
Corporate firms, the majority of which return year to year to build upon their Legacy of Wins, include:
Advanced Detection Technologies, AMAROK, ATI Systems, Axis Communications, Automatic Systems, BriefCam, Canon U.S.A., Cellbusters, CornellCookson, CyberArk Fortior Solutions, guardDog.ai, Hanwha Techwin of America, High Rise Escape Systems, IPVideo Corporation, Konica Minolta Business Solutions, NEC National Security Systems, NICE Public Safety, OnSolve, PureTech Systems, Quantum Corporation, Rave Mobile Safety, Regroup Mass Notification, Robotic Assistance Devices, Rajant Corporation, SafeLogic, Select Engineering Services LLC, Singlewire Software, SolarWinds Worldwide, Teledyne FLIR, Valor Systems, and West Virginia American Access Control Systems, just to name a few!
Why American Security Today?
The traditional security marketplace has long been covered by a host of publications putting forward the old-school basics to what is Today – a fast-changing security landscape.
American Security Today is uniquely focused on the broader Homeland Security & Public Safety marketplace with over 75,000 readers at the Federal, State, and local levels of government as well as firms allied to the government.
American Security Today brings forward a fresh compelling look and read with our customized digital publications that hold readers’ eyes throughout the story with cutting-edge editorial that provides solutions to their challenges.
Harness the Power of the Web – with our 100% Mobile Friendly Publications
AST Digital Publications are distributed to over 75,000 qualified government and homeland security professionals, in federal, state, local, and private security sectors.
‘PROTECTING OUR NATION, ONE CITY AT A TIME’
AST Reaches both Private & Public Experts, essential to meeting these new challenges.
Today’s new generation of public safety and security experts need real-time knowledge to deal with domestic and international terrorism, lone wolf attacks, unprecedented urban violence, shifts in society, culture, and media bias – making it increasingly difficult for Homeland Security, Law Enforcement, First Responders, Military and Private Security Professionals to implement coordinated security measures to ensure national security and improve public safety.
These experts are from Government at the federal, state, and local levels as well as from private firms allied to the government.
AST provides a full plate of topics in our AST Monthly Magazine Editions, AST Website, and AST Daily News Alerts, covering 23 Vital Sectors such as Access Control, Perimeter Protection, Video Surveillance/Analytics, Airport Security, Border Security, CBRNE Detection, Border Security, Ports, Cybersecurity, Networking Security, Encryption, Law Enforcement, First Responders, Campus Security, Security Services, Corporate Facilities, and Emergency Response among others.
AST has Expanded readership into integral Critical Infrastructure audiences such as Protection of Nuclear Facilities, Water Plants & Dams, Bridges & Tunnels, and other potential targets of terrorism.
Other areas of concern include Transportation Hubs, Public Assemblies, Government Facilities, Sporting & Concert Stadiums, our Nation’s Schools & Universities, and Commercial Business Destinations – all enticing targets due to the large number of persons and resources clustered together.
To learn more about ‘ASTORS’ Homeland Security Award Winners solutions, Be On the LookOut for the 2022 ‘ASTORS’ CHAMPIONS Edition Fully Interactive Magazine – the Best Products of 2022 ‘A Year in Review’.
The Annual CHAMPIONS edition includes a review of ‘ASTORS’ Award Winning products and programs, highlighting key details on many of the winning firm’s products and services, including video interviews and more.
It will serve as your Go-To Source throughout the year for ‘The Best of 2022 Products and Services’ endorsed by American Security Today, and can satisfy your agency’s and/or organization’s most pressing Homeland Security and Public Safety needs.
From Physical Security (Access Control, Critical Infrastructure, Perimeter Protection, and Video Surveillance Cameras and Video Management Systems), to IT Security (Cybersecurity, Encryption, Data Storage, Anti-Malware, and Networking Security – to name a few), the 2021 ‘ASTORS’ CHAMPIONS EDITION will have what you need to Detect, Delay, Respond to, and Mitigate today’s real-time threats in our constantly evolving security landscape.
It will also include featured guest editorial pieces from some of the security industry’s most respected leaders, and recognized firms in the 2022 ‘ASTORS’ Awards Program.
A complete list of 2022 ‘ASTORS’ Award Winners will be announced shortly.
For more information on All Things American Security Today, as well as the 2023 ‘ASTORS’ Awards Program, please contact Michael Madsen, AST Publisher at firstname.lastname@example.org.
AST strives to meet a 3 STAR trustworthiness rating, based on the following criteria:
- Provides named sources
- Reported by more than one notable outlet
- Includes supporting video, direct statements, or photos