Falling behind on zero trust?
Five things you can do to help get back on track

Coming to grips with the complexity of zero-trust security
As fiscal year 2027 (FY27) draws ever closer, many government agencies are struggling to comply with the Federal directive requiring all government agencies to adopt a zero-trust (ZT) security approach and architecture. Many of these ZT efforts are falling behind schedule.
To meet the FY27 ZT mandate, government organizations must appreciate the magnitude of the transformation that’s required. ZT is not merely a technology implementation but an organizational transformation that requires comprehensive change management and stakeholder engagement.
Some agency leaders may be hoping to address the challenge by kicking the can down the road with a deadline extension. But a better approach is to avoid getting lost in the requirements and scale of ZT that may be causing delays, and instead perform an honest evaluation of the organization’s current technologies, processes, and network designs. Then, identify the specific ZT targets at the agency level based on mission, funding, existing technology stacks, workforce skill sets, and strategic goals.
The path to ZT will vary organization to organization. There's tremendous flexibility in ZT and the way a ZT architecture is achieved, including what solutions and processes can or should be used. There are many decisions that must be made throughout the organization to deliver on ZT, but it’s difficult to make decisions and evaluate options inside a vacuum of information.
In this article, we offer insights to help government agencies get their ZT efforts back on track. It lists the key questions they need to start asking now, and offers five practical things they can do to stop or prevent schedule slippages.
Dive into our thinking
Falling behind on zero trust?
Download PDFExplore more

Successful zero-trust transformation in government
Seven key lessons

Zero trust microsegmentation
Visualizing security through a mission-first lens

Can government agencies trust AI to handle zero trust?
AI promises make zero-trust security a reality. We look at what you might be missing.

What's the best way to zero trust?
Forget about zero trust

Deliver a secure digital experience every time
Learn real-world applications governments can use to deliver on their responsibility to secure data and assets from idea through delivery
Want to receive the latest government insights?
Opt-in today and be the first to receive the latest industry updates from KPMG
Meet our team
