The Defense Information Systems Agency (DISA) on May 13 released the initial Defense Department (DoD) Zero Trust Reference Architecture that aims to boost cybersecurity and “maintain information superiority on the digital battlefield.”
The Reference Architecture was developed with the DoD CIO, U.S. Cyber Command, and the National Security Agency (NSA).
“From start to finish, the development of this initial DoD ZT Reference Architecture has been a true team effort,” said Joe Brinker, the DISA Security Enablers Portfolio manager in a news release. “The partnership we’ve fostered through this process with our NSA, Cyber Command and DoD CIO mission partners was integral toward the development of a comprehensive reference architecture that was unanimously approved by DoD senior leadership.”
In early April, Acting DoD CIO John Sherman said that he wanted to work on making faster progress on implementation of zero trust.
“I really want to use this opportunity to move toward zero trust,” Sherman said during MeriTalk’s IT Modernization: 5 Keys to Success in 2021 event, adding “We have the pieces to make this work [including] robust endpoint, middlepoint, [and] comply-to-connect.”
The shift to zero trust places an emphasis on three guiding principles, DISA said, which include: never trust, always verify; assume breach; and verify explicitly.
“Moving forward, DISA will continue to partner with DoD components in planning the implementation of ZT across the department and the development of ZT-aligned enterprise capabilities,” DISA Security Enablers Portfolio manager Joe Brinker said.