The Inner Circle

 View Only
  • 1.  DoD Zero Trust Strategy

    Posted 11 days ago
      |   view attached
    Hi All,

    The DoD just published The DoD Zero Trust Strategy

    This Zero Trust Strategy defines an adaptive approach for how DoD must champion and accelerate the shift to a Zero Trust architecture and framework that secures and protects DoD Information Enterprise (IE) within the Joint Information Environment (JIE) and specifically the DoD Information Network (DODIN). The intent of the strategy is to establish the parameters and target levels necessary to achieve Zero Trust (ZT) adoption across systems and networks (e.g., Non-classified Internet Protocol Router Network (NIPRNet) and Secret Internet Protocol Router Network (SIPRNet)). This approach emphasizes the need for DoD and its Components to embrace evolving technology while adapting and responding to known and unknown malicious actors. It involves the full breadth of stakeholders in the DoD ZT Ecosystem and allows a strategic implementation to begin immediately.

    Zero Trust is the term for an "evolving set of cybersecurity paradigms that move defenses from static, network-based perimeters to focus on users, assets, and resources." At its core, ZT assumes no implicit trust is granted to assets or users based solely on their physical or network location (i.e., local area networks versus the Internet) or asset ownership (enterprise or personally owned). This shift in philosophy is a significant change in legacy authentication and security mechanisms. It also represents a major cultural change that stakeholders throughout the DoD ZT Ecosystem, including the Defense Industrial Base (DIB), will need to embrace and execute beginning with FY2023 through FY2027 and in the future.

    @John Yeoh
    @Daniele Catteddu
    @Erik Johnson



    ​​​​

    ------------------------------
    Michael Roza CPA, CISA, CIA, MBA, Exec MBA
    ------------------------------

    Attachment(s)



  • 2.  RE: DoD Zero Trust Strategy

    Posted 4 days ago
    Highly informative ZT Strategy document with a wealth of information. Thanks for sharing!

    ------------------------------
    Peter Holcomb
    ------------------------------



  • 3.  RE: DoD Zero Trust Strategy

    Posted 4 days ago





  • 4.  RE: DoD Zero Trust Strategy

    Posted 3 days ago

    Thank you very much for sharing the information!

    I find it very interesting how the DoD approaches the transition to ZT. Also the separation of target & advanced levels of ZT capabilities makes it much more approachable for an organization planning to adopt a ZT strategy. 

    Does anyone know when the DoD plans to publish the outcome descriptions of each of the capabilities? The DoD requested outcome descriptions for the capabilities in APPENDIX A.

    BR 
    Andreas



    ------------------------------
    Andreas Baeuml
    Consultant
    Unknown
    ------------------------------



  • 5.  RE: DoD Zero Trust Strategy

    Posted 3 days ago
    Hi,

    I'll follow up in the coming weeks.

    Best regards,