Ivanti, the automation platform that discovers, manages, secures, and services IT assets from cloud to edge, today announced that it has been selected by the National Institute of Standards and Technology’s (NIST’s) National Cybersecurity Center of Excellence (NCCoE) to participate as a collaborator in the Implementing A Zero Trust Architecture project. The goal of the project is to build Zero Trust security architectures to help organizations mitigate cybersecurity risk. President Biden recently signed an Executive Order, making Zero Trust a top priority for modernizing U.S. federal government cybersecurity and requiring federal agencies to quickly develop plans to implement Zero Trust Architectures.
At its simplest, Zero Trust security enables organizations to achieve a stronger and more impenetrable network by continually verifying each asset and transaction before permitting any access. By adopting a “never trust, always verify” approach, organizations can achieve comprehensive visibility and secure access across devices, users, apps, data, and networks in the Everywhere Workplace.
As a collaborator, Ivanti will help develop practical, interoperable approaches to designing and building Zero Trust architectures that align with the tenets and principles documented in NIST SP 800-207, Zero Trust Architecture. As part of this collaboration, the NCCoE will compose and release a publicly available NIST Cybersecurity Practice Guide, which will include several Zero Trust cybersecurity reference designs that address a variety of real world cybersecurity and infrastructure challenges. Ivanti is joined by collaborators Amazon Web Services, AppGate Federal, Cisco, F5 Networks, FireEye, Forescout, IBM Corp, McAfee Corp, Microsoft, Okta, Palo Alto Networks, PC Matic, Radiant Logic, SailPoint Technologies, Symantec (Broadcom), Tenable and Zscaler.
“With sophisticated cyberattacks becoming increasingly commonplace, it’s clear that a radical transformation is needed in the way public and private industries approach security,” said Bill Harrod, Federal CTO of Ivanti. “That transformation needs to be grounded in Zero Trust principles and should be focused on cybersecurity modernization. The problem today is that Zero Trust approaches to security have been fragmented, inconsistent, and difficult to implement, resulting in slow adoption that only exacerbates an already precarious situation. As a leader in providing solutions that accelerate Zero Trust adoption, we are pleased to be part of this cohort, along with NIST. We look forward to developing example Zero Trust implementations that will shape a new era of cybersecurity best practices designed to mitigate risk.”
Conventional network security approaches have traditionally focused on perimeter defense; however, the perimeter has become less relevant due the growth of cloud and mobile technologies and the surge in remote work. The emergence of the Everywhere Workplace has also introduced new threat vectors that traditional security models were simply not designed to defend against, such as new points of entry, exit, and data access, making security an ongoing challenge. Zero Trust addresses these challenges by focusing on protecting resources and users instead of the perimeter. Zero Trust enables organizations to consistently enforce controlled access and tight containment across users, devices, apps, and networks, reducing their attack surfaces and minimizing risk.
For more information on the NIST NCCoE Implementing Zero Trust Architecture project, please visit the project page at https://www.nccoe.nist.gov/zerotrust.
Ivanti makes the Everywhere Workplace possible. In the Everywhere Workplace, employees use myriad devices to access IT applications and data over various networks to stay productive as they work from anywhere. The Ivanti Neurons automation platform connects the company’s industry-leading unified endpoint management, zero-trust security, and enterprise service management solutions, providing a unified IT platform that enables devices to self-heal and self-secure and empowers users to self-service. Over 40,000 customers, including 78 of the Fortune 100, have chosen Ivanti to discover, manage, secure, and service their IT assets from cloud to edge, and deliver excellent end-user experiences for employees, wherever and however they work. For more information, visit www.ivanti.com and follow @GoIvanti.
About the NIST NCCoE
The NCCoE, a part of NIST, is a collaborative hub where industry organizations, government agencies, and academic institutions work together to address businesses’ most pressing cybersecurity issues. This public-private partnership enables creation of practical cybersecurity solutions for specific industries, as well as for broad, cross-sector technology challenges. Through consortia under CRADAs, including technology partners—from Fortune 50 market leaders to smaller companies specializing in information technology and operational technology security—the NCCoE applies standards and best practices to develop modular, easily adaptable example cybersecurity solutions by using commercially available technology. The NCCoE documents these example solutions in the NIST Special Publication 1800 series, which maps capabilities to the NIST Cybersecurity Framework and details the steps needed for another entity to re-create the example solution. The NCCoE was established in 2012 by NIST in partnership with the State of Maryland and Montgomery County, Maryland. Information is available at https://www.nccoe.nist.gov.
# # #