WASHINGTON — An addendum to the Pentagon’s zero-trust strategy, published in late November, is now in the works, following a meeting of the U.S. and some of its closest intelligence-sharing allies.
A three-day event at Fort Meade, Maryland, home to the Defense Information Systems Agency and U.S. Cyber Command, drew representatives from the Department of Defense and Five Eyes partners Australia, Canada, New Zealand and the U.K. The topic: zero trust, a new paradigm that assumes networks are already compromised and, as a result, require continuous validation of users and devices.
The Defense Department in a Jan. 5 announcement said the summit was fruitful, and that Australia and the U.K. shared their approaches to zero-trust development.
Both zero trust and international cooperation are foundational to the Pentagon’s Joint All-Domain Command and Control philosophy, or JADC2, which envisions interlinked forces and databases across land, air, sea, space and cyber. Such networking — seamlessly bridging old with new, close with far — does not yet exist.
“As the United States military pursues digital modernization and innovation — across departments, services, and countries — it will continue to capitalize on forums like the [Security Interoperability in the Tactical Environment] Summit to promote a shared understanding of how to advance JADC2,” the Defense Department said Thursday.
The pivot to zero trust and the pursuit of widespread connectivity come as the U.S. prepares for a potential fight with China or Russia, world powers capable of intercepting military chatter and siphoning sensitive information from thought-to-be-secure systems.
The Defense Department has since 2015 experienced more than 12,000 cyber incidents, according to a Government Accountability Office evaluation. Yearly totals have declined since 2017.
U.S. defense officials previously imposed a five-year deadline to implement zero trust. The zero-trust strategy, detailing more than 100 activities and capabilities that need satisfying, maintained the fiscal 2027 target.
“Implementation of our zero-trust goals, to include educating every corner of the department, is an ambitious undertaking,” acting Principal Deputy Chief Information Officer David McKeown told reporters in November. “We recognized that from the beginning, and that has driven our pace and informed our strategy.”
Colin Demarest is a reporter at C4ISRNET, where he covers military networks, cyber and IT. Colin previously covered the Department of Energy and its National Nuclear Security Administration — namely Cold War cleanup and nuclear weapons development — for a daily newspaper in South Carolina. Colin is also an award-winning photographer.