The Cybersecurity and Infrastructure Security Agency has issued the first part of its latest guide that provides an overview of microsegmentation as part of CISA’s efforts to help federal civilian executive branch agencies implement zero trust architectures.
Join the Potomac Officers Club’s 2025 Homeland Security Summit on Nov. 12, and keep abreast of the latest government cybersecurity initiatives and policies. Save your spot now!
Table of Contents
What Is the Purpose of CISA’s Zero Trust Microsegmentation Guidance?
CISA said Tuesday the document titled “Microsegmentation in Zero Trust, Part One: Introduction and Planning” is part of its Journey to Zero Trust series and covers key concepts associated with microsegmentation, which seeks to reduce the attack surface, limit lateral movement and boost visibility.
“So many organizations, both on the federal side and in the private sector, we saw make early investments in zero trust network access tools, or SASE tools – secure access service edge –as part of their early implementation,” Shelly Hartsook, an acting associate director within CISA’s cybersecurity division, told Federal News Network in an interview.
“And there is a value in those bringing those tools into the toolbox and initially implementing them. This guidance can help organizations make the most of those technology investments and how they’re configured and really used across the enterprise,” Hartsook added.
The document also offers recommended actions to advance zero trust principles and modernize network security.
The agency intends to launch a subsequent technical guide to provide implementatation teams with technical considerations and detailed implementation scenarios.
Phased Approach to Microsegmentation
The document provides agencies with a phased approach when transitioning portions of their enterprise to microsegmentation.
The phased approach includes identifying candidate resources for segmentation; identifying dependencies for selected candidate resources; determining appropriate segmentation policies; and deploying updated segmentation policies.
Hartsook noted that implementing microsegmentation requires organizations to do careful planning from the start.
“So really understanding how to apply it and having a deliberate strategy architecture and planning is critical to doing this in a way that achieves the cybersecurity intent without mucking up your just normal business with your organization,” she told FNN.
Related Articles
The Senate Appropriations Committee on Thursday voted 26-3 to pass a bill that would appropriate $851.9 billion in discretionary defense funding for fiscal year 2026. Weapons Systems Procurement The committee said Thursday the proposed FY 2026 Defense Appropriations Act would allocate $171.3 billion for weapon systems procurement and $140.5 billion for platform research, development and testing. The measure includes a $280 million increase in funding for F-135 spare engines and an additional $500 million for F-35 sustainment spare parts; an additional $216 million for drone and counter-drone tech capabilities; $4.6 billion more for air and missile defense efforts; and a
NASA wants to team up with industry to develop advanced space technologies for future commercial or government use. The space agency on Wednesday issued an announcement of collaboration opportunity, or ACO, to solicit partnership proposals. Managed by the Space Technology Mission Directorate, the ACO gives industry partners access to NASA subject matter expertise, facilities, software and hardware to accelerate and enhance capability development. According to NASA, the ACO will be open for five years and will serve as an umbrella opportunity for topic-specific appendices that would be released every six to 12 months to address evolving needs. For the 2025
Robert F. Kennedy, Jr., head of the Department of Health and Human Services, and other government and healthcare technology leaders have committed to delivering a patient-centric digital health ecosystem. At an event hosted by the Centers for Medicare & Medicaid Services at the White House, over 60 companies pledged to collaborate and deliver results that benefit the public in the first quarter of 2026. Meanwhile, 11 health systems and providers said they will support patient use. Seven electronic health record companies pledged to facilitate data exchange. According to Kennedy, bureaucrats and entrenched interests have made health data inaccessible to patients,