The Department of Defense is ready to take the transition of its network defenses to zero trust principles seriously. The Pentagon plans to release a formal zero-trust strategy by mid-September, wants to have an enterprise-wide zero-trust implementation in place by 2027, and is already in talks with commercial vendors on how to implement zero trust in the cloud.
The White House last year Executive Decree on Cybersecurity asked all federal agencies to develop plans to move to a zero-trust architecture. The DoD released its first reference architecture shortly before EO and has since updated it to a 2.0 release. But Defense officials said the strategy expected to be released next month will outline specific steps DoD components and their suppliers will need to take to implement zero trust.
“We are committed to implementing zero trust at scale for our business of more than 4 million people that we lead,” DoD CIO John Sherman said during a speech at a Fedscoop event this week. .