The Pentagon Releases A Zero Trust Strategy

The Pentagon has put forward a Zero Trust strategy. Its purpose is to guide how the DoD directs its cybersecurity investments and efforts in the coming years, so that it reaches a “target” level of zero trust maturity over the next five years.

The release of DoD’s zero trust strategy follows on the heels of the White House Office of Management and Budget’s federal zero trust strategy published earlier this year. DoD’s strategy lays out a detailed and ambitious plan for defense components to attain specific zero trust capabilities by 2027.

The aim is to counter a “rapid growth” in offensive cyber threats by shifting away from a perimeter defense model to a “never trust always verify” mindset, DoD Chief Information Officer John Sherman wrote in the foreword to the strategy.

Providing commentary on this strategy is Steve Judd, Solutions Architect at Venafi:

“The latest zero trust strategy from the Defense Department is an important step in ensuring investment is made to accelerate the adoption of zero trust. It’s encouraging to see that deadlines to submit execution plans and for completion have been set, as without these there is often a lack of urgency to act. The move towards a “never trust always verify” mindset is also very positive as an essential element of zero trust is identity. Every actor on the network – whether inside or outside the perimeter – must be authenticated and authorized with a valid identity. Yet what people often overlook is that there are two actors on the network: humans and machines. These machines include everything from cloud servers and Kubernetes clusters to servers and applications, with special levels of privileges to communicate with one another in a trusted and secure way. So, it’s important that any zero trust project takes machine identity into consideration alongside human identity management. The best way to enable this is through a control plane which automates the management of these machine identities.”

Groups outside the DoD should pay attention to this, as I am certain that this will be helpful to guide them as to how to make their environments much more secure.
