The Department of Defense reports strong momentum toward meeting its goal of implementing a zero-trust security architecture departmentwide by 2027.
DOD’s Zero Trust Portfolio Management Office recently approved implementation plans from all military components.
One key takeaway from this milestone moment: Agencies that leveraged commercial solutions got a big head start on their zero-trust efforts.
For example, the Navy started to ramp up its use of the security capabilities within Microsoft 365 during the pandemic to empower remote work. That solid foundation helped to speed the Navy’s zero-trust journey.
Artificial intelligence can also be involved to streamline the implementation process without much manual effort. This automation will be necessary as agencies move forward with future iterations of zero-trust updates and initiatives.
Click the banner to read expert advice on enhancing zero trust for your agency.
Zero Trust Requires a Culture Shift Within DOD
DOD decision-makers can likewise take advantage of industry expertise as the department works to advance zero trust. CDW Government is already working in support of that effort.
We track best practices for zero trust in the commercial sector, what vendors are offering, and how organizations are using these tools successfully to harden their systems and data against potential threats. CDW acts as a trusted adviser across the public sector, helping military leaders and others pursue their zero-trust goals.
EXPLORE: Considerations for navigating the cultural shift to zero-trust integration.
While DOD’s efforts will surely include new technological safeguards, we’re encouraging the department to also look beyond the technology. It must consider the cultural changes that will be required to make zero trust a working reality.
Zero trust is not just something for IT to manage; it is first and foremost a mindset, a way of thinking about security. As DOD components move forward with their implementations, they’ll need to attend to that cultural piece and invest in training.
DOD Must Train Toward a Workable Zero-Trust Architecture
In practice, training should focus not just on the how — explaining what zero trust is and how it works — but also on the why, so that all military stakeholders understand the reasons behind the security strategy and how it applies to their roles. To generate broad buy-in, leaders must ensure that training addresses practical outcomes.
Training also can’t be a one-time occurrence; it needs to be repeated and refreshed as both cyberthreats and industry solutions continue to evolve. Here too, the private sector can play a key supporting role. A consulting partner can help ensure that DOD stays ahead of the curve, keeping pace with new perils and protections.
With a focus on training, supported by robust technological solutions, DOD components can begin to transition from the planning stages to a working zero-trust architecture.
Departmentwide adoption of zero trust by 2027 remains a goal, and the latest tally suggests that things are moving steadily along. Any progress made in that direction will help to harden the security of military data and systems, ensuring that DOD can meet the mission of national defense even in the face of rising adversarial cyber activity.
This article is part of FedTech’s CapITal blog series.
