Zscaler has been selected by the Defense Innovation Unit (DIU), a U.S. Department of Defense (DoD) organization, to deliver a secure cloud management solution, the company reported on Friday.

“Zscaler will minimize the attack surface by directly connecting people to the internet and their applications. Our innovative approach also delivers a great experience for personnel no matter their location, device, or network, through our globally distributed cloud,” said Drew Schnabel, vice president of Federal at Zscaler.

Zscaler will provide zero trust access to protect DIU users and cloud services from cyberthreats, regardless of where personnel will work or what devices they will use. The company’s solution has the potential to scale to other DoD organizations through a production Other Transaction (OT) agreement.

DIU has enhanced U.S. national security through accelerating the adoption of commercial technology throughout the DoD. Zscaler ‘s platform will power DIU secure cloud management solution, allowing DIU users to securely access SaaS applications across Amazon Web Services (AWS), Google Cloud and Microsoft Azure.

Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) will protect organizations across a multi-cloud environment with a wide range of applications and infrastructure including SaaS, PaaS and IaaS environments.

ZPA is the first zero trust remote access cloud service to achieve FedRAMP high authorization, and the Zscaler platform is in-process for Impact Level 4 and 5 authorization. ZIA is authorized as FedRAMP moderate and DOD Impact Level 2. Both ZIA and ZPA meet Trusted Internet Connection (TIC) 3.0 guidelines.

The company will provide security at scale to reach 500 thousand concurrent users and 1 million endpoints. Zscaler has developed the company’s solutions to handle an unlimited number of concurrent individual user connections. The platform has processed more than 100 billion transactions per day.

Zscaler has also integrated a true secure access services edge (SASE) to ensure that people can access the internet and applications with minimal latency from any device, bring your own device (BYOD) or government furnished equipment or location because the company’s cloud connection is local.

“Zscaler has been a zero trust leader since our inception, and we are proud to work with DIU to help protect the Department of Defense from adversaries threatening national security,” added Schnabel.

About Zscaler

Zscaler (NASDAQ: ZS) enables the world’s leading organizations to securely transform their networks and applications for a mobile and cloud-first world. Its flagship services, Zscaler Internet Access™ and Zscaler Private Access™, create fast, secure connections between users and applications, regardless of device, location, or network.

Zscaler services are 100 percent cloud-delivered and offer the simplicity, enhanced security, and improved user experience that traditional appliances are unable to match. Used in more than 185 countries, Zscaler operates a multi-tenant distributed cloud security platform, protecting thousands of customers from cyberattacks and data loss.

Mark Lewis, director of research and engineering for modernization at the Department of Defense (DoD), DoD has begun to adopt “zero trust” model to speed up the acquisition of microelectronics and strengthen security, FedScoop reported Thursday.

Zero trust architecture requires continuous verification as users try to access resources on a network regardless of their relationship to an organization or physical location.

“We’ve seen a number of examples where the biggest threats that we face often are the insider threat. It’s the people inside the fence line, behind the guards, who we think we’ve cleared,” Lewis said at an AFCEA virtual symposium. “They’re the ones that pose the biggest threats to us.”

Lewis also shared his insights on the "trusted foundry" method compared with zero trust.

Michael Kratsios, U.S. chief technology officer and a 2020 Wash100 Award winner, wrote in a commentary published Wednesday on The Wall Street Journal about the launch of the Global Partnership on Artificial Intelligence by tech ministers of the Group of Seven, an international economic organization composed of seven countries.

Kratsios, who also serves as deputy assistant to the president for technology policy, said GPAI will bring together professionals from governments, academia, industry and civil society to pursue AI-related research and advance workforce development efforts to promote AI innovation.

“In this new forum, like-minded nations will work together to encourage the development of AI in line with our shared values,” he wrote. “Most immediately, GPAI members will commit to developing and using AI responsibly to fight the coronavirus pandemic—including efforts to speed up drug discovery, improve disease diagnosis, and aid telehealth services.”

The establishment of GPAI is one of the efforts G7 science and tech ministers will work on in response to the COVID-19 pandemic. The partnership is part of the G7 declaration unveiled Thursday.

The Government Accountability Office (GAO) has found that some federal agencies had “conflicting parameters” for their cybersecurity requirements for ensuring the secure access and use of government data.

GAO said in its report released Wednesday that it assessed the Centers for Medicare and Medicaid Services (CMS), Internal Revenue Service (IRS), Social Security Administration (SSA) and FBI as part of its study and found that the total amount of conflicting parameters among the four agencies reached 49 to 79 percent.

Such parameters include specific values such as the number of unsuccessful logins needed before locking out users.

According to the watchdog, the Office of Management and Budget (OMB) must improve its coordination efforts to properly establish cybersecurity parameters among federal agencies.

GAO noted that federal entities previously reported spending $45 million on assessments of state agencies' cybersecurity posture during fiscal years 2016 through 2018.

The U.S. Immigration and Customs Enforcement (ICE) released a report on the risks associated with using facial recognition services (FRS) for law enforcement and how the agency mitigates the abuse of such technologies.

ICE’s Homeland Security Investigations (HSI) unit said in its report dated May 13 that ICE submits FRS-taken images of suspected individuals to third-party vendors in cases where the collected data does not match with any identifiable information.

According to HSI’s privacy impact assessment, the Department of Homeland Security (DHS) periodically audits employees’ use of FRS to ensure regulatory compliance and will only procure FRS technologies from approved commercial entities. However, ICE may use uncertified FRS tools in "exigent circumstances”, according to the report.

HSI noted that ICE only submits the "minimum amount of information necessary” for authorities and their commercial partners to produce a result for biometric queries. 

Risks highlighted in the report include inaccurate third-party database information, reliance on low-quality imagery and potential use of FRS images for activities beyond the intended scope. 

“While the technology itself does have far reaching privacy implications, HSI has established processes and procedures to mitigate the impact of an FRS on individuals,” the report states. “Through proper collection techniques, candidate vetting, and supervisor oversight, HSI endeavors to use FRSs in as much of a privacy sensitive manner as possible.”

Air Force Research Laboratory (AFRL) and Air Force Special Operations Command have partnered to develop and demonstrate airdrops of palletized munitions. The early test demonstrated the delivery of air-launched weapons in large amounts, Wright-Patterson Air Force Base said Wednesday.

A Lockheed Martin-made MC-130J tanker aircraft performed the airdrop tests at Dugway Proving Ground in Utah. A roller system deployed combat expendable platforms or wooden pallets that contained the simulated munitions.

The simulated munitions weighed the same as their actual weapon counterparts such as the Extended-Range Cargo Launch Expendable Air Vehicles or CLEAVERs. AFSOC plans to demonstrate airdrops with glider, powered and full-up vehicles in the future.

“CLEAVER represents a different approach to launching large numbers of long-range weapons, which will bring a new dynamic to the high-end fight," said Col. Garry Haase, who leads AFRL’s Munitions Directorate.

The National Institute of Standards and Technology (NIST) has published a request for information to seek inputs on the usage of positioning, navigation and timing services. NIST said Wednesday that it is also looking to obtain information on cybersecurity risk management methods that can secure PNT offerings.

As stated in the RFI, interested vendors are required to validate the effects of PNT service disruptions, identify sector-specific standards and describe recovery and response efforts to service interruptions. The agency also aims to determine the sectors that are in need of PNT services.

NIST will accept responses to the notice until July 13. The agency eyes the release of an initial PNT draft document in the summer. NIST will also issue a solicitation for the document prior to the release of the final version on February 12, 2021.