The Cybersecurity and Infrastructure Security Agency (CISA) has published a guide that helps federal civilian agencies advance their zero trust capabilities and adopt modern architectures supported under the Trusted Internet Connections (TIC) 3.0 Initiative. Part of CISA’s Journey to Zero Trust series, this guide helps agencies transition away from the limitations of using TIC 2.0 and capitalize on TIC 3.0 flexibilities to employ Secure Access Service Edge (SASE) solutions. Federal agencies will better understand, plan and mature to zero trust architecture to improve user experience, increase visibility and control, and enable telemetry sharing with CISA services.
Many legacy architectures rely on perimeter-based security models such as TIC 2.0 that routes all traffic through centralized controls. Today’s rapidly evolving threat landscape and organizations’ shift to more distributed business models with cloud capabilities and remote workforces reveal shortcomings in legacy perimeter-based paradigms. Based on CISA’s work with federal agencies, this guide helps technical leaders and enterprise architects implement a SASE solution to replace their existing managed trusted internet protocol services (MTIPS) connectivity. The transformation to SASE solution improves network performance, reduces latency, and increases visibility and control.
“CISA continues to support federal agencies and the broader cybersecurity ecosystem with their continued adoption of zero trust network capabilities to meet mission needs and the evolving cyber threat landscape,” said Acting Executive Assistant Director for Cybersecurity Chris Butera. “With this guide, CISA helps agencies realize the benefits of zero trust architectures and the flexibilities of TIC 3.0.”
Launched last year with microsegmentation guide, this ongoing series provides resources on cybersecurity capabilities and architecture topics related to the adoption of modern zero trust principles. While directed to federal civilian agencies, organizations such as state and local governments and critical infrastructure entities may find this series useful as they transition to zero trust architecture.
For more information, visit CISA’s Zero Trust webpage.
The original announcement can be found here.
