One year ago, President Biden signed the Executive Order on Improving the Nation's Cybersecurity, which outlined goals for federal cybersecurity practitioners to implement zero trust and security best practices.

A study commissioned by General Dynamics Information Technology (GDIT), the Agency Guide to Zero Trust Maturity, measured the progress federal agencies have made on their zero trust implementation plans since the executive order was released. The study surveyed 300 federal employees from defense and civilian agencies to determine federal zero trust maturity.

Zero trust program maturity

The executive order requires government agencies to achieve specific zero trust security goals by the end of fiscal year 2024. According to the study:

  • 63% of respondents said their agencies will meet these requirements on time or early.
  • 92% are confident in their agency’s ability to defend against cyber threats.
  • 76% have a formal zero trust strategy in place, with 52% actively implementing one.

But, with such a major undertaking against an ambitious timeline, challenges remain.

  • 58% said one of the primary challenges to implementing zero trust architecture is rebuilding or replacing existing legacy infrastructure.
  • 50% are having trouble identifying what technologies they need.
  • 48% think their agencies lack sufficient IT staff expertise.

Read the full report here.