Defense Innovation Board Issues White Paper on Zero Trust Architecture

Jeff Brody

At its quarterly meeting in Silicon Valley, the Defense Innovation Board approved a white paper calling for the Pentagon to implement zero trust architecture (ZTA) to counter cybersecurity threats, Fedscoop reported Wednesday. The document, titled “The Road to Zero Trust (Security),” notes that ZTA can help the Department of Defense track and block threat actors and manage rules of access for devices and users across the department to facilitate secure data sharing.

“The network design and flexibility of ZTA will help DoD more rapidly adopt and implement critical network technologies and enablers, ranging from cloud computing to artificial intelligence and machine learning,” according to the paper.

The document discusses DoD’s reliance on the perimeter security approach and the three basic steps of ZTA that should be applied within the network at the level of services and applications: verify the user, verify the device and verify access privileges.

“The traditional notion of perimeter-based security is no longer sufficient,” said Kurt DelBene, a board member and one of the report’s authors. He added that with ZTA, organizations assume that the network is compromised.

The board outlines several questions to ask when implementing ZTA, including the use of an encryption key management strategy, enforcement of multifactor authentication and availability of processes to screen end-user devices for malicious software.
