Written by Dave Nyczepir
The National Institute of Standards and Technology selected 18 tech companies to demonstrate zero-trust security architectures as it drafts guidance for agencies and industry.
Companies will work with NIST‘s National Cybersecurity Center of Excellence to design and deploy architectures in accordance with Special Publication (SP) 800-207, as part of the Zero-Trust Architecture Project.
The project comes after the Biden administration issued a cybersecurity executive order in May requiring agencies to create plans to implement zero-trust security within 60 days.
“Implementing a zero-trust architecture has become a federal cybersecurity mandate and a business imperative,” said Natalia Martin, acting director of the NCCoE, in an announcement. “We are excited to work with industry demonstrating various approaches to implementing a zero-trust architecture using a diverse mix of vendor products and capabilities and share ‘how to’ guidance and lessons learned from the experience.”
The NCCoE plans to publish a NIST Cybersecurity Practice Guide in the SP 1800 series detailing the steps needed to implement reference designs at the end of the project.
Participating companies include: Amazon Web Services, Appgate, Cisco Systems, F5 Networks, FireEye, Forescout Technologies, IBM, McAfee, Microsoft, MobileIron, Okta, Palo Alto Networks, PC Matic, Radiant Logic, SailPoint Technologies, Symantec, Tenable, and Zscaler.
The selected vendors responded to a Federal Register notice to submit capabilities that aligned with the project’s desired solution characteristics. Each one was extended a cooperative research and development agreement, enabling them to participate in the consortium.
“We are all committed to collaborating and demonstrating different, practical approaches to implement a zero-trust architecture,” said Stephen Kovac, vice president of global government at Zscaler, in a statement. “As we know, no one solution fits every situation.”