GAO Recommends Zero Trust Architecture for Secret Service

The Secret Service should update cybersecurity plans to reflect zero trust architecture guidance, the GAO said Tuesday. The GAO noted the Secret Service’s four-milestone cyber plan, which includes “assessing agency IT systems against federal guidance and implementing cloud services.” The plan was created before ZTA guidance was issued. ZTA "requires constant verification of everything that's trying to connect to an organization's IT systems," GAO said. The Department of Homeland Security responded on behalf of the Secret Service, concurring with the GAO recommendation.