Introducing the Zero Trust Proving Ground for Federal Agency Security

December 29, 2023
2 mins read

The Federal Mandate on Zero Trust Network Goals

  1. President Biden’s Executive Order 14028, Improving the Nation’s Cybersecurity, mandates federal agencies to develop plans for implementing a zero-trust architecture (ZTA) by the end of the Fiscal Year (FY) 2024.
  2. The major obstacle to setting these goals is the lack of zero-trust standards and an established testing methodology.

Veterans Cybersecurity Group (VCSG) CTO, and Senior IEEE Zero Trust Working Group (ZTWG) member, Mr. Leighton Johnson has stated, “Although NIST and CISA have defined principles, it is difficult to audit a set of principles. Currently, there are no Zero Trust standards to test and validate complex ZTA Solutions. The IEEE ZTWG is tasked with the yearslong process of developing a Zero Trust ISO Standard. However, VCSG aims to establish testing criteria immediately through an iterative SecDevOps approach. To this end, VCSG is establishing a Zero Trust Proving Ground (ZTPG) to test and evaluate ZTA implementations.”

Zero Trust Proving Ground (ZTPG)

This Zero Trust Proving Ground aims to assist federal agencies in meeting these aggressive zero-trust goals by contributing to an auditable testing standard for zero-trust network architectures (ZTA). VCSG will host the ZTPG on an established Cyber Range utilized by government agencies as a virtual cybersecurity training and testing environment, allowing multiple “communities of interest” to implement cyber-attack and exploitation scenarios. VCSG’s Zero Trust Proving Ground (ZTPG) brings together government and industry to establish a rigorous testing standard for ZTA solutions. Extensive vulnerability analysis and penetration testing within the ZTPG will inform the development of a standardized ZTA testing framework. This framework will empower federal agencies to evaluate and integrate third-party ZTA solutions into their emerging cybersecurity architectures.

Project Stakeholders

Veterans Cybersecurity Group (VCSG) is seeking stakeholders, including (1) Federal Agencies seeking information (RFI) to develop future Requests for Proposals (RFPs), (2) Cybersecurity Vendors seeking to have their ZTA Products and services demonstrated and tested, (3) standards bodies such as the IEEE Zero Trust Working Group (ZTWG), and (4) cybersecurity non-profits, such as ISC2 and CSA, with the mission to provide training and awareness promoting the use of Zero Trust best practices for providing security assurance and education to the cybersecurity workforce. Interested Stakeholders should contact VCSG President Paul Gozaloff at (754) 423-7352 or email paul@veteranscybersecurity.com for more information.

PLANTATION, Fla., Dec. 28, 2023 /PRNewswire/ — The Federal Mandate on Zero Trust Network Goals President Biden’s Executive Order 14028, Improving the Nation’s Cybersecurity, mandates federal agencies to develop plans for implementing a zero-trust architecture (ZTA) by the end of the Fiscal Year (FY) 2024.  The major obstacle to setting these goals is the lack of zero-trust standards and an established testing methodology. Veterans Cybersecurity Group (VCSG) CTO, and Senior IEEE Zero Trust Working Group (ZTWG) member, Mr. Leighton Johnson has stated, “Although NIST and CISA have defined principles, it is difficult to audit a set of principles.  Currently, there are no Zero Trust standards to test and validate complex ZTA Solutions.  The IEEE ZTWG is tasked with the yearslong process of developing a Zero Trust ISO Standard. However, VCSG aims to establish testing criteria immediately through an iterative SecDevOps approach.  To this end, VCSG is establishing a Zero Trust Proving Ground (ZTPG) to test and evaluate ZTA implementations.” Zero Trust Proving Ground (ZTPG) This Zero Trust Proving Ground aims to assist federal agencies in meeting these aggressive zero-trust goals by contributing to an auditable testing standard for zero-trust network architectures (ZTA). VCSG will host the ZTPG on an established Cyber Range utilized by government agencies as a virtual cybersecurity training and testing environment, allowing multiple “communities of interest” to implement cyber-attack and exploitation scenarios. VCSG’s Zero Trust Proving Ground (ZTPG) brings together government and industry to establish a rigorous testing standard for ZTA solutions. Extensive vulnerability analysis and penetration testing within the ZTPG will inform the development of a standardized ZTA testing framework. This framework will empower federal agencies to evaluate and integrate third-party ZTA solutions into their emerging cybersecurity architectures. Project Stakeholders Veterans Cybersecurity Group (VCSG) is seeking stakeholders, including (1) Federal Agencies seeking information (RFI) to develop future Requests for Proposals (RFPs), (2) Cybersecurity Vendors seeking to have their ZTA Products and services demonstrated and tested, (3)  standards bodies such as the IEEE Zero Trust Working Group (ZTWG), and (4) cybersecurity non-profits, such as ISC2 and CSA, with the mission to provide training and awareness promoting the use of Zero Trust best practices for providing security assurance and education to the cybersecurity workforce. Interested Stakeholders should contact VCSG President Paul Go

Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and