Key Points:
- Veterans Cybersecurity Group (VCSG) is establishing a Zero Trust Proving Ground (ZTPG) to test and evaluate Zero Trust Architecture (ZTA) implementations for federal agencies.
- The lack of zero-trust standards and an established testing methodology is a major obstacle for federal agencies in implementing a zero-trust architecture.
Veterans Cybersecurity Group (VCSG) has introduced a “Zero Trust Proving Ground” (ZTPG) as an essential step in Zero Trust Testing for Federal Agencies. The goal of VCSG is to assist federal agencies in meeting the aggressive zero-trust goals set by President Biden’s Executive Order 14028. This order mandates federal agencies to develop plans for implementing a zero-trust architecture (ZTA) by the end of FY 2024. However, the lack of zero-trust standards and an established testing methodology is a major obstacle to achieving these goals.
VCSG’s Zero Trust Proving Ground (ZTPG) aims to establish a testing standard for ZTA solutions. It will be hosted on an established cyber range used by government agencies as a virtual cybersecurity training and testing environment. This will allow multiple “communities of interest” to implement cyber-attack and exploitation scenarios to test and evaluate ZTA implementations.
The ZTPG will also conduct vulnerability analysis and penetration testing to inform the development of a standardized ZTA testing framework. This framework will empower federal agencies to evaluate and integrate third-party ZTA solutions into their emerging cybersecurity architectures.
VCSG is actively seeking stakeholders for this project. This includes federal agencies seeking information (RFI) to develop future Requests for Proposals (RFPs), cybersecurity vendors looking to have their ZTA products and services demonstrated and tested, standards bodies like the IEEE Zero Trust Working Group (ZTWG), and cybersecurity non-profits like ISC2 and CSA. These stakeholders can contact VCSG President Paul Gozaloff for more information.