The U.S. electric grid is critical infrastructure consisting of an ecosystem of communities, stakeholders, governments and economies. Most of the grid infrastructure was built decades ago and is unreliable. Bad actors know it. In 2015, Russian hackers carried out the first successful cyberattack on the nation's electricity grid, which was just one of an ongoing series of security breaches and attacks on US infrastructure and utilities.
In a recent webinar produced by Federal News Network, the Director of the Environmental Protection Agency (EPA)’s Office of Information Security and Privacy, Tonya Manning, detailed the state of the agency’s zero trust and data handling postures, as well as its latest priorities. We’ll spotlight several takeaways and look at what’s to likely come down the pike for the EPA in the coming months and years.
Zero Trust Architecture
This past week, President Biden signed into law the Inflation Reduction Act of 2022. It contains a total of $750 billion dedicated to a number of provisions, including combatting climate change challenges. The legislation itself has been in the works just over a year and directs funds to several initiatives that those in the contracting sphere will want to watch.
The 2022 fiscal year-end is drawing near for 46 states, which means the time to leverage last-minute opportunities is coming to an end as state, local and education (SLED) organizations set their sights on next year’s budget and priorities. With FY23 just around the corner, SLED organizations will start executing on budget plans and drafting request for proposals (RFPs).
The heightened threat of retaliatory cyberattacks by Russia against critical U.S. IT infrastructure is prompting federal investments in cybersecurity to strengthen its cyber defense posture. The ongoing conflict in the region and the increased targeting of critical infrastructure assets will cause federal agencies to look for ways to strengthen their cybersecurity posture and redefine requirements that address cyber breaches that may occur during the coming months and years as well as drive investments into Zero Trust related tools and threat intelligence.
"We are making progress. This really is not just about technology. This is about changing our processes changing our approach to delivering and operating technology to IT systems and our cyber mechanical warfare systems as we move forward," said Robert Vietmeyer, DoD Director for Cloud and Software Modernization.
The United States Marine Corps’ Approach to Cloud Delivery: Key Takeaways From the 2022 DON IT Conference
At this year’s Department of the Navy (DON) IT Conference, the U.S. Marine Corps discussed its enterprise cloud delivery strategy and how it is derived from its mission to evolve antiquated networks. Before, a Marine working out of headquarters or a U.S. base would use enterprise systems, applications, and infrastructure, but when a Marine goes out in the field, a new email and identity are assigned to operate from different servers and shared drives. For the Marine Corps, that approach is going by the wayside.
Secretary of Defense, Lloyd Austin III, joined the President this past week in releasing the FY23 budget. With a total of $773B requested for defense priorities, which represents a nearly 4% increase from last fiscal year’s enacted amount, the Department of Defense (DOD) is seeking funding across multiple focal areas.
This past week, the president released the FY23 Budget Request. Civilian agencies are set to receive a boost across an array of initiatives including cybersecurity, workforce pay and development, climate science, mental health priorities, as well as infrastructure repair. The following will examine some of the prominent departments across the civilian landscape and the funding set to boost these top initiatives.
The U.S. Department of the Navy’s Approach to Zero Trust: Key Takeaways From the 2022 DON IT Conference
"Zero Trust is a cybersecurity strategy and framework that embeds IT security mechanisms throughout an architecture that generate metadata used to secure, manage, and monitor every device user, application, and network transaction at the perimeter and within every network enclave."
From the Department of Defense (DoD) Zero Trust Reference Architecture v1.0