DoD perfecting zero trust concepts during assessment process

October 8, 2024
1 min read

“`html

TLDR:

  • The Pentagon is rigorously evaluating its zero trust use cases, including working with major cloud providers like Microsoft and Google.
  • The goal is to achieve a target level of zero trust across all DoD components by fiscal 2027.

Article Summary:

The Defense Department is actively assessing zero trust concepts as part of its cybersecurity strategy. The zero trust portfolio management office has signed up 18 proofs of concept, with 12 already completed and ready for assessment. These use cases range from ship-to-shore connections to federated identity and access management. The department aims to achieve a target level of zero trust across all components by 2027, focusing on broad use cases that can be applied across DoD to accelerate the adoption of zero trust architectures.

The Pentagon is working with MIT Lincoln Labs to create a “zero proving ground” for testing technologies and vendor solutions. Cloud service providers like Amazon, Google, Microsoft, and Oracle are also key partners in achieving zero trust goals. The DoD has already completed assessments of Microsoft Azure and Google Cloud, with specific requirements for meeting zero trust activities.

Additionally, the Pentagon is set to receive updated zero trust implementation plans from military services and defense components. Organizations are urged to ensure readiness for zero trust red-teaming assessments, with only two certified red teams currently available. Failing the formal assessment may result in delays in testing. The department’s ultimate goal is to shift the responsibility of assessing environments to the services once a certain level of progress is achieved.

“`

Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and