The increasing complexity of current and emerging cloud, multicloud and hybrid network environments combined with the rapidly escalating and evolving nature of adversary threats has exposed vulnerability gaps within traditional cybersecurity protections.
Over the past several months, we have seen continued efforts by the Department of Defense to take new approaches to strengthen defenses. During the Cyberspace Solarium Commission in March, for example, federal lawmakers and outside experts recommended the National Guard and National Reserve have an increased role in combating catastrophic cyber scenarios, with the idea being to establish a special cyber reserve force that could take advantage of Guard members’ cyber expertise.
And in December, the Defense Innovation Unit and Cybersecurity Infrastructure and Security Administration signed a memorandum of understanding to collaborate on and improve cybersecurity initiatives, such as network and infrastructure security, web security, endpoint security, data security and digital risk management.
Although this is an important step toward better protecting federal networks, organizations within the DoD and intelligence community continue to have vulnerability gaps, according to a recent Government Accountability Office report. The DoD and IC have massive amounts of data — and while they may aim to leverage that data at speed and scale for operational advantage and increased efficiency, the government’s current approach to data management means that one of the three core tenets of data must always be sacrificed — either speed, accuracy or scalability (and complexity). With many agencies turning to a zero trust model for improved security, it’s important to note that the value of data decreases with time. Data becomes irrelevant, inaccurate and outdated as it ages — and large data volumes, legacy tooling and limited techniques to help identify the most relevant data result in a fraction of the collected raw data ever being accessed.
In other words, for a zero trust model to truly be effective, it’s critical that all three of the core data tenets remain in effect — sacrificing any one of those results in an ineffective solution.
With data growth and an increase in Internet of Things devices comes a rise in cybersecurity threats. To better defend against malicious actors in real time, commands need timely, accurate data and improved visibility and control of the full environment — including who is granted access, and to what.
During the authorization process, IT teams need real-time instrumentation on the devices the user is connecting from and the latest information about who the user is, where else they might have logins inside the network, and what other privileges they hold. That information can be factored into a risk decision. Having that information in real time gives military organizations a more complete picture and an improved ability to assess the risk of that user requesting access into the network infrastructure, allowing them to better protect the highly sensitive data that resides in the enterprise.
In February, the National Security Agency released guidance encouraging the adoption of a zero trust security model, detailing what it is, its benefits, and how to overcome implementation challenges. It also highlighted that the security strategy “requires continuous verification of the operational picture via real-time information fed from multiple sources to determine access and other system response.”
With zero trust, IT leaders within the DoD and IC can conduct a real-time user authorization process and, if access is granted, determine what data the user is allowed to view. DoD cyber defenders are strained by growing military network threats and responsibilities — and zero trust security adds another layer of protection and helps relieve some of the stress those defenders carry.
The future is “zero”
The transition to a majority federal remote workforce has proven that security concerns can’t be resolved by disjointed solutions, by following policies and procedures that worked in the past, or by asking overstretched internal teams to simply do more.
To stay ahead of adversaries, the DoD and IC must continue to mature cyber capabilities, implementing zero trust models for their own organizations and encouraging deployment in the broader contractor community. Zero trust offers an opportunity to keep sensitive data secure and employees productive — if implemented using accurate, real-time data.
Egon Rinderer is global vice president of technology and federal CTO at Tanium.