b'However, SASE itself will not be an all-encompassing Zero Trust solution. For example, lets look at the data pillar of the CISA Zero Trust Maturity Model. It recommends centralized logging and security analytics that require tools such as a security information event manager (SIEM) and skilled resources e.g. SOC analysts, to do investigation or remediation. This is in line with my previous discussion around SOC functions. In short, SASE will shine in providing a consolidated, single pane of glass capability that combines security and network functions and provides broad strokes in coverage with Zero Trustprinciples. I think its an important track for agencies to pursue, but again, SASE itself is not a holistic, fully encompassing Zero Trust solution based on the maturity model. In your opinion, what new technologies arechanging the future of network security and why?Ill offer two examples. The first is the continued rise in leveraging machine learning for predictive analytics and anomaly detection. Thats really exciting to see. There are more and more technologies incorporating these capabilities and were giving developers and system architects the right toolkits to leverage them. At AT&T, we use this innovative approach with machine learning as part of ourcapabilities. Providing early-stage, more predictive identification of threatsfor example withanomaly detection from established baselines in user behavioris critical for our customers. The second example is Endpoint Detection Response (EDR) agents. Particularly those that are lightweight enough to run on mobile devices. Were going to see a continuing prominence in these, and they will be essential to the security efforts of agencies. EDR agents cover a lot of the Zero Trust tenets. They can fill agency gaps such as asset visibility, tracking whats on the network, ensure policy enforcement, patch compliance before assets connect into a network environment, and even serve as ransomware protection, which has been a continuing epidemic. I think getting the EDR agents deployed on the enterprise asset and device inventories is critical to good defense posture moving forward. Are there any other critical challenges we should be aware of when it comes to the future of network security? First, it is becoming apparent that there will be a continued shortage of qualified, cleared staff andresources, especially in the Federal government. Agencies are going to have to further rely onmanaged security and professional services to address their needs in a timely manner. Working with industry partners for those critical security functions and operations will become more imperative. Second, Id offer up the continued emergence of next-gen mobile networks as a tool and component of network modernization. With the explosion of connected devices and IoT, the attack surface is also rapidly expanding and will drastically increase threat vectors. This further emphasizes my point on EDR agents and the compatibility for ICAM on mobile devices. Just simply logging and keeping track of all the loT devices will present challenges from the integration and a data volume perspective. In closing, as security continues to be top-of-mind for both federal and state legislative branches, agencies need to accurately keep track of their security postures and compliance so they can act quickly to stay in step with the evolving landscape. The ability to quickly procure services andsolutions will be necessary and EIS (Enterprise Infrastructure Solutions) will continue to be animportant procurement tool for federal agencies and to meet emerging requirements.Government Business Council Securing the Nations Network | Page 11'