The VA is in the process of implementing a zero-trust cybersecurity model to better secure veterans’ sensitive personal data.
The Department of Veterans Affairs is one of the federal government’s largest agencies, with almost 580,000 employees working to provide medical care, benefits and memorial services for millions of veterans. Given the complexity of its mission, VA needs to store, share and use vast quantities of personal data from veterans all across the country. And it must do so securely.
In May 2021, President Joe Biden issued an Executive Order on Improving the Nation’s Cybersecurity that directed all federal agencies to develop and implement zero trust architecture. By implementing this cybersecurity model, VA will be better equipped to defend veterans’ data and the integrity of departmentwide systems and networks by ensuring that all end users, whether they are inside or outside of the department, are digitally vetted before they can access internal information.
Nextgov recently sat down with Lynette Sherrill—VA’s chief information security officer—to discuss VA’s progress in implementing its zero trust strategy, as well as the importance of safeguarding veterans’ personal data. Sherrill, who was named VA’s permanent CISO in September, is responsible for overseeing and implementing the department’s cybersecurity efforts and is currently leading the development of the department’s zero trust strategy.
“In order for you to do the zero trust model, you have to know how end users interact with the data,” Sherrill said about ongoing efforts to implement the cyber strategy.
You can listen to the full podcast below or on your favorite podcast platform.