Defense Innovation Board Issues White Paper on Zero Trust Architecture

Jeff Brody

At its quarterly meeting in Silicon Valley, the Defense Innovation Board approved a white paper calling for the Pentagon to implement zero trust architecture to counter cybersecurity threats, Fedscoop reported Wednesday. The document, titled “The Road to Zero Trust (Security),” notes that ZTA can help the Department of Defense track and block threat actors and manage rules of access for devices and users across the department to facilitate secure data sharing.

“The network design and flexibility of ZTA will help DoD more rapidly adopt and implement critical network technologies and enablers, ranging from cloud computing to artificial intelligence and machine learning,” according to the paper.

The document discusses DoD’s reliance on the perimeter security approach and the three basic steps of ZTA that should be applied within the network at the level of services and applications: verify the user, verify the device and verify access privileges.

“The traditional notion of perimeter-based security is no longer sufficient,” said Kurt DelBene, a board member and one of the report’s authors. He added that with ZTA, organizations assume that the network is compromised.

The board outlines several questions to ask when implementing ZTA, including the use of an encryption key management strategy, enforcement of multifactor authentication and availability of processes to screen end-user devices for malicious software.
