Balancing Zero Trust and Disaster Recovery: Navigating NGA’s Cybersecurity Challenges

Original Broadcast, October 1, 2024

Presented by Carahsoft

Gary Buchanan, CISO and Director of the Cybersecurity Office at the National Geospatial-Intelligence Agency (NGA), elaborates on the agency's unique position within both the Department of Defense (DoD) and the Intelligence Community (IC). This dual role necessitates adherence to two distinct sets of cybersecurity protocols, particularly as NGA moves toward implementing a Zero Trust architecture. Buchanan outlines the agency’s approach, which begins with assessing its current cybersecurity posture and identifying gaps in compliance. Critical to this transition are initiatives involving micro-segmentation of networks, meticulous data tagging, and overhauls in identity and access management practices. He emphasizes the importance of leveraging open-source standards and fostering partnerships with industry stakeholders, which allows NGA to adopt tools that can seamlessly integrate into their operations.

Key Takeaways:

1. NGA is advancing toward Zero Trust by focusing on network micro-segmentation, data tagging, and access controls to ensure compliance with DoD and IC standards.
   
   
2. Buchanan highlights a shift in cybersecurity from proprietary systems to open-source standards, allowing for faster integration of tools and improved adaptability.
   
   
3. Disaster recovery at NGA goes beyond traditional backup systems, focusing on ensuring real-time data availability and resilience against both natural disasters and communication failures.