Veterans Cybersecurity Group introduces the vital step in Zero Trust Testing for Federal Agencies: Zero Trust Proving Ground.

December 29, 2023
1 min read

Veterans Cybersecurity Group Introduces a “Zero Trust Proving Ground” as an essential step in Zero Trust Testing for Federal Agencies

  • President Biden’s Executive Order 14028 mandates federal agencies to implement a zero-trust architecture by the end of FY 2024.
  • Veterans Cybersecurity Group (VCSG) aims to establish a Zero Trust Proving Ground (ZTPG) to test and evaluate zero-trust network architectures (ZTA) implementations.
  • The ZTPG will be hosted on an established Cyber Range and will contribute to the development of a standardized ZTA testing framework.
  • VCSG is seeking stakeholders including federal agencies, cybersecurity vendors, standards bodies, and cybersecurity non-profits to participate in the project.

The Veterans Cybersecurity Group (VCSG) has introduced a “Zero Trust Proving Ground” (ZTPG) as an essential step in Zero Trust Testing for Federal Agencies. The introduction of the ZTPG comes in response to President Biden’s Executive Order 14028, which mandates that federal agencies develop plans to implement a zero-trust architecture (ZTA) by the end of FY 2024.

Currently, the lack of zero-trust standards and an established testing methodology is a major obstacle in achieving these goals. While organizations such as NIST and CISA have defined principles, there are no standardized zero-trust standards to test and validate complex ZTA solutions. The IEEE Zero Trust Working Group (ZTWG) has been tasked with developing a Zero Trust ISO Standard, but this is a yearslong process. In the meantime, VCSG aims to establish testing criteria immediately through an iterative SecDevOps approach.

The ZTPG will assist federal agencies in meeting their zero-trust goals by contributing to an auditable testing standard for ZTA solutions. It will be hosted on an established Cyber Range utilized by government agencies as a virtual cybersecurity training and testing environment. This will allow multiple “communities of interest” to implement cyber-attack and exploitation scenarios.

VCSG aims to bring together government and industry to establish a rigorous testing standard for ZTA solutions. The ZTPG will conduct extensive vulnerability analysis and penetration testing to inform the development of a standardized ZTA testing framework. This framework will empower federal agencies to evaluate and integrate third-party ZTA solutions into their cybersecurity architectures.

VCSG is seeking stakeholders to participate in the project. This includes federal agencies seeking information to develop future Requests for Proposals (RFPs), cybersecurity vendors seeking to have their ZTA products and services demonstrated and tested, standards bodies such as the IEEE ZTWG, and cybersecurity non-profits with the mission to provide training and awareness for Zero Trust best practices.

Interested stakeholders are encouraged to contact VCSG President Paul Gozaloff for more information.

Latest from Blog

Top CISA official looks back on four years of cyber work

TLDR: Eric Goldstein, a top official at CISA, reflects on progress made in cybersecurity during his tenure. Key achievements include understanding cyber risks, collaboration with industry, and encouraging secure product development. Eric

Juggling AI cybersecurity highs and lows

TLDR: At the 2024 MIT Sloan CIO Symposium, industry leaders discussed the challenge of balancing AI’s benefits with its security risks, particularly focusing on generative AI. While generative AI can bring benefits

Get your free Cyber Security eBook now Valued at $169

“`html TLDR: Key Points: Claim your complimentary eBook worth $169 for free before May 22. The eBook covers practical applications of cyber security and network security for professionals, engineers, scientists, and students.