At its quarterly meeting in Silicon Valley, the Defense Innovation Board approved a white paper calling for the Pentagon to implement zero trust architecture (ZTA) to counter cybersecurity threats, FedScoop reported Wednesday. The document, titled “The Road to Zero Trust (Security),” notes that ZTA can help the Department of Defense track and block threat actors and manage rules of access for devices and users across the department to facilitate secure data sharing.
“The network design and flexibility of ZTA will help DoD more rapidly adopt and implement critical network technologies and enablers, ranging from cloud computing to artificial intelligence and machine learning,” according to the paper.
The document discusses DoD’s reliance on the perimeter security approach and the three basic steps of ZTA that should be applied within the network at the level of services and applications: verify the user, verify the device and verify access privileges.
“The traditional notion of perimeter-based security is no longer sufficient,” said Kurt DelBene, a board member and one of the report’s authors. He added that with ZTA, organizations assume that the network is compromised.
The board outlines several questions to ask when implementing ZTA, including the use of an encryption key management strategy, enforcement of multifactor authentication and availability of processes to screen end-user devices for malicious software.