Zscaler’s Public Sector Summit is coming to Washington, D.C. on March 3, 2026—and it’s focused on a challenge public sector teams are working through every day: building confidence in modern government environments. Cloud, SaaS, remote work, mission partners, and contractor ecosystems have dissolved the old perimeter. The legacy model—“inside equals safer”—doesn’t hold any longer. The conversations that matter now are about execution: how agencies replace implicit trust with verified confidence, continuously evaluated and enforced. Public sector teams have been doing this work for decades—modernizing under mission demands, defending against persistent adversaries, and integrating partners and contractors at scale. The shift to Zero Trust reflects that reality. When environments are distributed by design, security can’t hinge on network location or broad internal reachability. It has to be anchored in policy: explicit decisions about who gets access to what, under which conditions, with enforcement that holds up when conditions change.Zero Trust, done well, is the systematic removal of inherited assumptions. It replaces “where you are” with “who you are, what you’re using, what you’re trying to reach, what network telemetry is telling us, and what current risk indicates right now.” It treats trust as a continuously evaluated decision—not a one-time badge check. And it encourages a disciplined approach: define what needs protection, narrow access paths, reduce standing privilege, and enforce policy as close as practical to the user, device, and application.That’s the backdrop for Zscaler Public Sector Summit. The agenda is designed to move past slogans and into practical execution—how public sector organizations operationalize Zero Trust in ways that are repeatable, measurable, and sustainable. That includes the mechanics behind the strategy: sequencing, governance, policy enforcement patterns, and the signals (identity, device posture, and network telemetry) that make confidence measurable—not assumed. The summit is also defined by the people in the room. This year’s event includes leaders working national-level cyber policy and implementation, including Sean Cairncross, National Cyber Director within the Office of the National Cyber Director. It also includes Alexandra Seymour, Principal Deputy Assistant National Cyber Director for Policy. The broader program brings in practitioners across government and mission environments to share what’s proving deployable in the real world—where the objective is to reduce risk while maintaining speed, uptime, and mission delivery.The summit features Eric O’Neill, a former FBI counterintelligence operative whose work is closely associated with the Hanssen case. His perspective is a useful reminder for cyber leaders: large failures are rarely a single moment. They’re often the accumulation of small trust decisions that go unchallenged—access that expands quietly, exceptions that persist, and visibility gaps that endure because nothing has gone wrong yet. Counterintelligence is, in many ways, a study in replacing assumed trust with verification, and making confidence something you can continuously test.My panel is built for the implementation conversation—how public sector leaders are operationalizing Zero Trust at scale. I’ll be joined by Michael Duffy, Acting Federal Chief Information Security Officer at the Office of Management and Budget. We’ll focus on the parts that determine outcomes: where implicit trust still shows up in architectures and workflows, what it looks like to enforce policy in front of applications and data, and how to translate “least privilege” from aspiration into daily practice.Most importantly, the summit will focus on how to measure progress in a way leaders can defend: shrinking blast radius, reducing standing privilege, narrowing access paths, accelerating detection and containment, and improving resilience when credentials are abused. Those are the markers of operational maturity—where Zero Trust becomes something teams can run as a capability, not just deploy as a project.If you’re working through Zero Trust execution—policy, enforcement, telemetry, and practical implementation patterns—Zscaler looks forward to hosting a day built for that work.
[#item_full_content] Zscaler’s Public Sector Summit is coming to Washington, D.C. on March 3, 2026—and it’s focused on a challenge public sector teams are working through every day: building confidence in modern government environments. Cloud, SaaS, remote work, mission partners, and contractor ecosystems have dissolved the old perimeter. The legacy model—“inside equals safer”—doesn’t hold any longer. The conversations that matter now are about execution: how agencies replace implicit trust with verified confidence, continuously evaluated and enforced. Public sector teams have been doing this work for decades—modernizing under mission demands, defending against persistent adversaries, and integrating partners and contractors at scale. The shift to Zero Trust reflects that reality. When environments are distributed by design, security can’t hinge on network location or broad internal reachability. It has to be anchored in policy: explicit decisions about who gets access to what, under which conditions, with enforcement that holds up when conditions change.Zero Trust, done well, is the systematic removal of inherited assumptions. It replaces “where you are” with “who you are, what you’re using, what you’re trying to reach, what network telemetry is telling us, and what current risk indicates right now.” It treats trust as a continuously evaluated decision—not a one-time badge check. And it encourages a disciplined approach: define what needs protection, narrow access paths, reduce standing privilege, and enforce policy as close as practical to the user, device, and application.That’s the backdrop for Zscaler Public Sector Summit. The agenda is designed to move past slogans and into practical execution—how public sector organizations operationalize Zero Trust in ways that are repeatable, measurable, and sustainable. That includes the mechanics behind the strategy: sequencing, governance, policy enforcement patterns, and the signals (identity, device posture, and network telemetry) that make confidence measurable—not assumed. The summit is also defined by the people in the room. This year’s event includes leaders working national-level cyber policy and implementation, including Sean Cairncross, National Cyber Director within the Office of the National Cyber Director. It also includes Alexandra Seymour, Principal Deputy Assistant National Cyber Director for Policy. The broader program brings in practitioners across government and mission environments to share what’s proving deployable in the real world—where the objective is to reduce risk while maintaining speed, uptime, and mission delivery.The summit features Eric O’Neill, a former FBI counterintelligence operative whose work is closely associated with the Hanssen case. His perspective is a useful reminder for cyber leaders: large failures are rarely a single moment. They’re often the accumulation of small trust decisions that go unchallenged—access that expands quietly, exceptions that persist, and visibility gaps that endure because nothing has gone wrong yet. Counterintelligence is, in many ways, a study in replacing assumed trust with verification, and making confidence something you can continuously test.My panel is built for the implementation conversation—how public sector leaders are operationalizing Zero Trust at scale. I’ll be joined by Michael Duffy, Acting Federal Chief Information Security Officer at the Office of Management and Budget. We’ll focus on the parts that determine outcomes: where implicit trust still shows up in architectures and workflows, what it looks like to enforce policy in front of applications and data, and how to translate “least privilege” from aspiration into daily practice.Most importantly, the summit will focus on how to measure progress in a way leaders can defend: shrinking blast radius, reducing standing privilege, narrowing access paths, accelerating detection and containment, and improving resilience when credentials are abused. Those are the markers of operational maturity—where Zero Trust becomes something teams can run as a capability, not just deploy as a project.If you’re working through Zero Trust execution—policy, enforcement, telemetry, and practical implementation patterns—Zscaler looks forward to hosting a day built for that work.
