A new report released today by low-code security automation company Swimlane LLC surprisingly finds that about two-thirds of U.S. government agencies are confident of meeting the zero-trust requirements imposed by a Biden administration executive order with just over a year until the deadline.

The executive order, issued in May 2021, came a week after pipeline system operator Colonial Pipeline Co. was crippled by a ransomware attack, resulting in gas shortages on the U.S. East Coast. The order outlined a number of initiatives, but key among them was the requirement of federal agencies to plan and then implement zero-trust architectures.

Zero trust is a security model that advocates not trusting any user or system, inside or outside an organization’s perimeter, without rigorous verification. The idea behind zero trust is that it ensures that only authenticated and authorized users and devices can access applications and data.

Along with two-thirds of agencies saying they’re on track to meet the zero-trust requirements of the executive order, 64% of agencies also said that they are choosing low-code security automation solutions to help them achieve their goals.

Although agencies were surprisingly confident, the road to meeting the requirements is not paved with gold but with staff shortages. The report found that 83% of federal agencies have security team positions currently open and 64% of agencies say it takes longer to fill a security position now than it did two years ago. A third of federal agencies said they don’t think their security team will ever be fully staffed.

Low-code automation solutions are being warmly embraced, with virtually all agencies citing the benefits of such solutions. Half said that low-code leads to less reliance on coding to automate, 40% said that they were able to address security automation requirements with low-code solutions, and 38% said low-code solutions scale with the experience of their security team.

Conversely, though low-code was popular, 99% were not fans of no-code solutions. Close to half said no-code solutions lack features, 44% said no-code solutions don’t support all environments, and 43% said that no-code tools will have to be replaced in the short term.

“As a nation and society, we are at a crucial juncture with a multitude of significant cybersecurity challenges confronting us, from threats to our critical infrastructure to increasing and changing risks posed by nation-states like Russia and China,” Cody Cornell, co-founder and chief strategy officer of Swimlane, said in the report. “These challenges have put cybersecurity in the limelight for the federal government, as those elected to protect us realize that cybersecurity is a matter of national security.”

Photo: POTUS/Twitter