b'I Is your agency targeting Secure Access Service Edge (SASE) as the endgoal of its zero trust architecture? Why or why not? Steven Hernandez: When we think about SASE. were really talking about thehyper-advancement of networking technology. Were talking about moving some classic thinking like trusted internet connections from a physical conceptwhere theres an actual physical location that contains itto a cloud-based type of approach. Thats whats awesome about SASE. SASE in our view gets you about 80% of the way there.For most of the folks Im talking to right now, SASE is the next step, because its going to get us so much capability and frankly so much agility on the control plane that its a no-brainer. That is the biggest win that most of us could get right now. Mike Witt: I dont know if its our end goal, but SASE is something we are definitely discussing internally as we define our zero trust roadmap. Weve actually talked to SASE providers to understand how that market is working. Davon Tyler: We havent really identified what the end goal is yet. Right now were really focused on planning, educating, and creating a plan that could be sustainable. Even though zero trust has been out for a couple years in the technology world its still in its immature stages. Theres a lot of conversations that are happening within the treasury and the U.S. Mint on what we do and how we go about implementing zero trust in a way that doesnt impact operations but also enhances the security that we provide. Brian Gattoni: Its important to remember that the environment is always changing. When I have conversations, as the chief technology officer advising folks on where technology isgoing, I have to remind them that end goals are problematic because as soon as you think youre done, the environments going to change again. Is SASE one of the goals on major agencies journeys through achieving zero trust architectures? Yes, I think it is. But it has some practical challenges to be aware of as we move through the adoption of zero trustcapabilities towards that secure access service edge. Were going to have to keep an eye on how the market brings these capabilities to bear in an interoperable fashion. If you keep your mind set on the future and look at the integration of these capabilities, SASE can very much be on your zero trust journey. It could be towards the end of your current plans for zero trust, it is not an end zone where you spike the football and dance. That is one more stop incontinuing to provide dynamic capability against the dynamic threat. Rob Leahy: Were not quite there yet. Zero trust implementation is still in its beginning stages. Zero trust is very important from a conceptual perspective. Technologies are evolving to get us there. Theres not a single right answer, and were going to have to figure out what will work, and its going to be evolutionary when we find it.Government Business Council Securing the Nations Network|Page 5'