b'I Industry Perspective Matt Thibault | Senior Cybersecurity Sales Executive, AT&T Public Sector How important are Zero Trust policies and what can be done toimplement them?Zero Trust Policies are not only extremely important, but also represent a fundamental andnecessary shift in how we approach cyber defense and posture. You have likely heard the security metaphor of defending a castle with high walls and a moat. This strategy favors perimeterdefenses and is not robust enough for todays needs. Zero Trust is the idea that breaching theperimeter doesnt mean that once inside, you have access to every room in the castle. It ensures that a single vulnerability in those perimeter defenses does not grant unrestricted access and lateral movement for adversaries who shouldnt be there in the first place.To implement Zero Trust, theres a lot of programmatic, administrative, and even non-technical components that should be addressed first. I cant emphasize strongly enough that Zero Trust is a journey and agencies need to start now and follow NISTs Zero Trust Architecture recommendations. Start with conducting user asset and application inventories, and map existing systems within an environment to the Zero Trust pillars that are laid out in the NIST special publication documents.Determine what gaps exist and must be addressed, based on your specific agency needs andpriorities, before going through any sort of initial deployment. In addition to these assessments, ensure your agency has a robust ICAM (identity, credential andaccess management) system deployed and operational. Identity is the underpinning of Zero Trust. You cant apply dynamic policies or user/role-based access controls, or even least privilegedprinciples if you cant identify, authenticate, and authorize its user. Second, you need to start, if not in place already, doing holistic log collection from assets/applications and analysis of those logs across the enterprise. This is most used within a Security Operations Center (SOC) function, but its really critical to ensuring your security operations have visibility across the asset, application and user inventories within the enterprise. These SOC Functions can be very complex and difficult to stand up and operate efficiently, so outsourcing SOC Operations is a great option for agencies to address this need in short order and bring themselves into that maturity model. Can you explain Secure Access Service Edge (SASE) to our readers and how it can help agencies achieve a Zero Trust architecture?SASE combines traditional network security functionsthink Next-Gen Firewall, IntrusionPrevention Systems (IPS), Intrusion Detection Systems (IDS), Secure Web Gateways, and WANFunctions (SD-WAN)to bring centralized security network functions closer to users andapplications. This is really important for achieving a Zero Trust strategy because it mapssecurity features to the pillars of Zero Trust in the CISA Zero Trust Maturity Model. SASE usually has within it identity-based access policies, network segmentation, even end-to-end encryption.Government Business Council Securing the Nations Network | Page 10'