https://www.americancityandcounty.com/wp-content/themes/acc_child/assets/images/logo/footer-logo.png
  • Home
  • Co-op Solutions
  • Hybrid Work
  • Commentaries
  • News
  • In-Depth
  • Multimedia
    • Back
    • Podcast
  • Resources & Events
    • Back
    • Resources
    • Webinars
    • White Papers
    • IWCE 2022
    • How to Contribute
    • Municipal Cost Index – Archive
    • Equipment Watch Page
    • American City & County Awards
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Privacy Statement
    • Terms of Service
American City and County
  • NEWSLETTER
  • Home
  • Co-op Solutions
  • Hybrid Work
  • Commentaries
  • News
  • In-Depth
  • Multimedia
    • Back
    • Podcasts
  • Resources/Events
    • Back
    • Webinars
    • White Papers/eBooks
    • IWCE 2022
    • How to Contribute
    • American City & County Awards
    • Municipal Cost Index
    • Equipment Watch Page
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Privacy Stament
    • Terms of Service
  • newsletter
  • Administration
  • Economy & Finance
  • Procurement
  • Public Safety
  • Public Works & Utilities
  • Smart Cities & Technology
  • Magazine
acc.com

Smart Cities Solutions


Adi Goldstein/Unsplash

Draft plan of federally mandated cybersecurity measures released for public comment

Draft plan of federally mandated cybersecurity measures released for public comment

  • Written by Andy Castillo
  • 9th September 2021

Since the beginning of the year, the federal government has put forward a number of advisories and orders intended to tighten the nation’s cyber defenses. Most recently this week, the Office of Management and Budget released a draft of its Federal Zero Trust Strategy that supports President Joe Biden’s executive order “Improving the Nation’s Cyber Security,” which he issued in May.  

Comments can be submitted through Sept. 21.  

“The United States government faces increasingly sophisticated and persistent cyber threat campaigns that target its technology infrastructure, threatening public safety and privacy, damaging the American economy and weakening trust in government,” the draft memo reads. 

At its core, the initiative is intended to raise the minimum level of security practices across the board. Following up May’s executive order, which mandated that federal agencies and civilian companies that do business with the government must move toward uniform a zero-trust cybersecurity architecture, the Office of Management and Budget’s strategy outlines next steps.  

Traditionally, the federal government has used perimeter-based defenses—authorized users are able to freely access digital spaces once they’re through security. Zero-trust cybersecurity architectures are radically different, in that no user is trusted with any kind of access. Rather, everyone must continuously confirm their identity.  

“The foundational tenant of the Zero Trust Model is that no actor, system, network or service operating outside or within the security perimeter is trusted. Instead, we must verify anything and everything attempting to establish access,” according to the Department of Defense’s Zero Trust Reference Architecture brief. “It is a dramatic paradigm shift in philosophy of how we secure our infrastructure, networks and data, from verify once at the perimeter to continual verification of each user, device, application and transaction.” 

Outlined in the plan are a number of proposed baseline zero-trust security measures like universal activity logging, single sign-on and multi-factor authentication, reliable asset inventories and ubiquitous use of encryption—a process of encryption that gives only the sender and recipient decryption key. 

“While the concepts behind zero trust architectures are not new, the implications of shifting away from ’trusted networks’ are new to most enterprises, including many federal agencies,” the draft notes. “This will be a journey for the federal government, and there will be learning and adjustments along the way as agencies and policies adapt to new practices and technologies.” 

The memorandum would require that federal agencies achieve specific zero trust security goals by the end of 2024. Among those requirements are the implementation of phishing-resistant multi-factor authentication systems, an inventory of every device that’s owned by the agency, encryption of all domain name system (DNS) requests and HTTP traffic, rigorous and routine testing of applications and cloud security measures, among others. 

While sweeping, the draft emphasizes that it’s a necessary step—and not just for the federal government.  

Cyber breaches are becoming more and more common. On Thursday, for example, Dorchester County, South Carolina announced that a phishing attack earlier in the year compromised sensitive information of its residents. 

“The phishing incident resulted in unauthorized access to certain information collected and maintained by the County for a variety of reasons, including names, addresses, email addresses, dates of birth, Social Security numbers, driver’s license numbers, financial account numbers, credit card and debit card numbers, usernames and passwords, and medical information,” says the statement, which was issued by the Dorchester County Government. 

For local governments looking to update their own cybersecurity standards to a zero trust model, more information published by the National Cybersecurity Center of Excellence can be found on the agency’s website. Public comments about the Office of Management and Budget’s Federal Zero Trust Strategy draft memo can be sent to [email protected].

Tags: homepage-featured-2 homepage-featured-4 News Smart Cities & Technology Smart Cities Solutions

Most Recent


  • Amid an unprecedented increase in federal spending, cities and counties stand to benefit from partnerships
    The so-called “American dream” of upward mobility has more or less stagnated: Today, a little more than 40 percent of children raised at the bottom of the income ladder remain there as adults, according to Pew Charitable Trusts, and only half grow up to earn more than their parents. This data points to a concerning […]
  • Seattle-Tacoma-Bellevue, WA
    Infrastructure highlighted by city leaders as top priority in analysis of 60 mayoral addresses
    After two years of ping-pong lockdown orders, mask mandates, unprecedented vaccine drives and economic uncertainty, cities across the United States are beginning to emerge in the pandemic’s aftermath, and they’re prioritizing infrastructure, according to a report published Wednesday by the National League of Cities (NLC).  “The new normal, as we now understand it, is here,” […]
  • Amid tech labor shortage, outsourcing digital services could provide relief
    The COVID-19 pandemic accelerated tech and digitization globally, forever changing the way local governments conduct daily business, along with the expectations of constituents. Over the last two years, smart city plans have increased in popularity; services like tax bill payments and licensing have mostly shifted into the digital realm; and town offices evolved into comprehensive […]
  • procurement IT
    The beauty of the beast: Why the pandemic & cybersecurity might actually improve procurement and IT collaboration
    For well over decade, IT managers have listed cybersecurity as their number one concern. Both the CompTIA Public Technology Institute (PTI) and the National Association of State Information Officers (NASCIO) have been tracking top trends in IT management, policy, governance and operational issues as they relate to state and local government. Only recently has “procurement” […]

Leave a comment Cancel reply

-or-

Log in with your American City and County account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Tech giants pledge billions, commit to bolstering public cyber defenses
  • Historically called in following natural disasters and during emergencies, National Guard cybersecurity units can help municipalities in the digital realm
  • Local government’s role in citizen engagement: It’s now digital
  • Cybersecurity legislation included in infrastructure plan sets aside $1 billion for local governments

White papers


How to Assemble a Rockstar Website Redesign Steering Committee

7th June 2022

Hand Hygiene: Compliance Matters

23rd May 2022

What it Takes to Build a Winning Esports Program

23rd May 2022
view all

Events


PODCAST


Young Leaders Episode 4 – Cyril Jefferson – City Councilman, High Point, North Carolina

13th October 2020

Young Leaders Episode 3 – Shannon Hardin – City Council President, Columbus, Ohio

27th July 2020

Young Leaders Episode 2 – Christian Williams – Development Services Planner, Goodyear, Ariz.

1st July 2020
view all

Twitter


AmerCityCounty

Report: Local and state governments are facing a retention crisis; the worst could be yet to come dlvr.it/SSnmS7

24th June 2022
AmerCityCounty

Amid an unprecedented increase in federal spending, cities and counties stand to benefit from partnerships dlvr.it/SSkGBn

23rd June 2022
AmerCityCounty

Governments using technology to harness data and improve decision-making dlvr.it/SSk3H0

23rd June 2022
AmerCityCounty

Infrastructure highlighted by city leaders as top priority in analysis of 60 mayoral addresses dlvr.it/SSgBck

22nd June 2022
AmerCityCounty

Oklahoma City puts the focus on employees when implementing changes in office technology dlvr.it/SSfyns

22nd June 2022
AmerCityCounty

We want to hear from you! Please take this brief survey and let us know how your organization is managing your budg… twitter.com/i/web/status/1…

22nd June 2022
AmerCityCounty

Buying smart solutions: Technology is now part of (almost) every government purchase dlvr.it/SSbj3Z

21st June 2022
AmerCityCounty

Amid tech labor shortage, outsourcing digital services could provide relief dlvr.it/SSbj23

21st June 2022

Newsletters

Sign up for American City & County’s newsletters to receive regular news and information updates about local governments.

Resale Insights Dashboard

The Resale Insights Dashboard provides model-level data for the entire used equipment market to help you save time and money.

Municipal Cost Index

Updated monthly since 1978, our exclusive Municipal Cost Index shows the effects of inflation on the cost of providing municipal services

Media Kit and Advertising

Want to reach our digital audience? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • IWCE’s Urgent Communications
  • IWCE Expo

WORKING WITH US

  • About Us
  • Contact Us

FOLLOW American City and County ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X