CIO John Sherman-led Pentagon is swiftly adopting a zero-trust cybersecurity approach throughout the US military to counter evolving cyber threats in 2023 and beyond.
Adopting Zero-Trust Cybersecurity Approach
Pentagon's Chief Information Officer, John Sherman, has announced a significant cybersecurity move. The Pentagon leadership is set to evaluate and implement stricter security measures, known as zero-trust, across the entire US military.
Interesting Engineering reported that they aim to complete this by the end of the year, recognizing the growing cyber threats in 2023 and beyond. The assessment is led by Randy Resnick, Director of the Zero-Trust Portfolio Management Office, and his team.
Sherman highlighted the importance of this step during his recent address at the Billington Cybersecurity Summit in Washington, emphasizing the need for a fundamental shift in cybersecurity given the challenges ahead.
Different Kind of Security
The zero-trust cybersecurity method is different from the usual way of thinking about security. Instead of assuming a network is safe, C4isrnet reported that zero-trust assumes that networks are always at risk or might have already been hacked.
This means we must continually check all devices, users, and their access levels in the digital world. Last November 2022, the Pentagon introduced its zero-trust strategy. It includes a detailed plan for the new cybersecurity approach.
This plan lists many things we need to do to create a "targeted" zero-trust system by 2027. There are also more advanced steps for the future.
Alarming data underscores the pressing need to bolster the digital defenses of the U.S. military, as per Politico. A recent Government Accountability Office report revealed that the Department of Defense has faced more than 12,000 cyberattacks since 2015.
While the annual numbers have decreased since 2017, the growing cyber capabilities of countries like Russia and China emphasize the timeliness of this effort.
Sherman emphasized that different approaches could be taken by defense organizations to achieve the overarching goal of zero-trust security.
Nevertheless, he stressed that the ultimate objective remains unchanged. He likened the endeavor to a "pick-your-own adventure" scenario with profound national security implications. Sherman emphasized the widespread adoption of zero-trust principles within the department.
He remarked that when combatant commanders and the Chairman of the Joint Chiefs of Staff are in alignment on zero-trust, it becomes evident that these principles are deeply ingrained in the Pentagon's culture.
What to Expect
As the Pentagon prepares for a rigorous evaluation period, the upcoming weeks are poised to be pivotal in shaping the future cybersecurity framework of the United States military.
While the 2027 deadline may seem distant, the urgency is palpable due to the ever-present challenges and threats in cyberspace. The Pentagon's proactive move signifies a determined stride forward in the battle against increasingly sophisticated cyber threats.
With zero-trust firmly established as a cornerstone within the defense establishment, the US military aspires to redefine cybersecurity standards for itself and potentially set a benchmark for other institutions grappling with the complexities of securing data and systems in this digital age.