Skip to main content

Falling behind on zero trust?

Five things you can do to help get back on track

Coming to grips with the complexity of zero-trust security

As fiscal year 2027 (FY27) draws ever closer, many government agencies are struggling to comply with the Federal directive requiring all government agencies to adopt a zero-trust (ZT) security approach and architecture. Many of these ZT efforts are falling behind schedule.

To meet the FY27 ZT mandate, government organizations must appreciate the magnitude of the transformation that’s required. ZT is not merely a technology implementation but an organizational transformation that requires comprehensive change management and stakeholder engagement.

Some agency leaders may be hoping to address the challenge by kicking the can down the road with a deadline extension. But a better approach is to avoid getting lost in the requirements and scale of ZT that may be causing delays, and instead perform an honest evaluation of the organization’s current technologies, processes, and network designs. Then, identify the specific ZT targets at the agency level based on mission, funding, existing technology stacks, workforce skill sets, and strategic goals.

The path to ZT will vary organization to organization. There's tremendous flexibility in ZT and the way a ZT architecture is achieved, including what solutions and processes can or should be used. There are many decisions that must be made throughout the organization to deliver on ZT, but it’s difficult to make decisions and evaluate options inside a vacuum of information.

In this article, we offer insights to help government agencies get their ZT efforts back on track. It lists the key questions they need to start asking now, and offers five practical things they can do to stop or prevent schedule slippages.

Dive into our thinking

Falling behind on zero trust?

Download PDF

Explore more

Insight
Webcast Replay Webcast Upcoming Listen Now From The Web

Accelerating ATOs with the new cybersecurity risk management construct

Cumbersome and slow is not a requirement of compliance. Adaptable, dynamic, and flexible compliance can be a reality.

Read more
Insight
Webcast Replay Webcast Upcoming Listen Now From The Web

Successful zero-trust transformation in government

Seven key lessons

Read more
Insight
Webcast Replay Webcast Upcoming Listen Now From The Web

Zero trust microsegmentation

Visualizing security through a mission-first lens

Read more
Insight
Webcast Replay Webcast Upcoming Listen Now From The Web

Can government agencies trust AI to handle zero trust?

AI promises make zero-trust security a reality. We look at what you might be missing.

Read more
Insight
Webcast Replay Webcast Upcoming Listen Now From The Web

What's the best way to zero trust?

Forget about zero trust

Read more
Insight
Webcast Replay Webcast Upcoming Listen Now From The Web

Deliver a secure digital experience every time

Learn real-world applications governments can use to deliver on their responsibility to secure data and assets from idea through delivery

Read more

Want to receive the latest government insights?

Opt-in today and be the first to receive the latest industry updates from KPMG

Opt-in

Meet our team

Image of Sai Gadia
Sai Gadia
Partner, Cyber Security Services, KPMG LLP
Read bio
Image of Sai Gadia
Sai Gadia
Partner, Cyber Security Services, KPMG LLP
Read bio

Explore other services

Industry
Government and Public Sector
Read more
Industry
Federal government
Read more
Industry
State and local government
Read more

Thank you

Thank you for subscribing. You should receive a confirmation e-mail soon.

Connect with KPMG

Opt-in to receive the latest government insights from KPMG

Thank you for reaching out. We will be in touch soon to follow up.
All fields with an asterisk (*) are required.

By submitting, you agree that KPMG LLP may process any personal information you provide pursuant to KPMG LLP's . Privacy Statement

An error occurred.

KPMG. Make the Difference.


Some or all of the services described herein may not be permissible for KPMG audit clients and their affiliates or related entities.

The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act upon such information without appropriate professional advice after a thorough examination of the particular situation. KPMG LLP does not provide legal services.

The information contained herein is not intended to be “written advice concerning one or more Federal tax matters” subject to the requirements of section 10.37(a)(2) of Treasury Department Circular 230.

© 2026 KPMG LLP, a Delaware limited liability partnership, and its subsidiaries are part of the KPMG global organization of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved.

For more detail about the structure of the KPMG global organization please visit https://home.kpmg/governance.

Thank you!

Thank you for contacting KPMG. We will respond to you as soon as possible.

Contact KPMG

Use this form to submit general inquiries to KPMG. We will respond to you as soon as possible.
All fields with an asterisk (*) are required.

By submitting, you agree that KPMG LLP may process any personal information you provide pursuant to KPMG LLP's . Privacy Statement

An error occurred.

Job seekers

Visit our careers section or search our jobs database.

Search now!

Submit RFP

Use the RFP submission form to detail the services KPMG can help assist you with.

Submit

Office locations

View locations

International hotline

You can confidentially report concerns to the KPMG International hotline

Learn more

Press contacts

Do you need to speak with our Press Office? Here's how to get in touch.

Contact

Headline