Bill Rowan, vice president of public sector at Splunk, said that organizations implementing zero trust strategies will be more effective if they gradually adopt ZT security measures instead of executing them in all departments at the same time.

In a Fed Gov Today interview aired Sunday, Rowan discussed the challenges that lead to varying impacts of zero trust architecture on federal agencies.

He said that legacy systems are making it more difficult for agencies and institutions to embed zero trust. “I firmly believe that attacking some of the modern apps – the new systems that are being built to be able to embed this as a service, the portability of that microservice, to be able to move across multiple clouds…that would probably be our best first step,” he explained.

While 85 percent of government agencies have a cloud-first strategy, the intersection of that with the number of agencies adopting specific zero trust vary depending on what percentage of new cloud and ZT systems are represented in different organizations, Rowan commented.

He noted the Department of Defense may be ahead of civilian agencies in implementing modern apps, while bigger states tend to have more of these systems than municipalities and counties.