NOVEMBER 23, 2022 – Yesterday, the Department of Defense released the Department of Defense Zero Trust Strategy and Roadmap.
Current and future cyber threats and attacks drive the need for a Zero Trust approach that goes beyond the traditional perimeter defense approach.
The Department intends to implement distinct Zero Trust capabilities and activities as outlined in the strategy and associated Roadmap by FY27.
The strategy envisions a DoD Information Enterprise secured by a fully implemented, Department-wide Zero Trust cybersecurity framework that will reduce the attack surface, enable risk management and effective data-sharing in partnership environments, and quickly contain and remediate adversary activities.
The strategy outlines four high-level and integrated strategic goals that define what the Department will do to achieve its vision for ZT:
- Zero Trust Cultural Adoption – All DoD personnel are aware, understand, are trained, and committed to a Zero Trust mindset and culture and support integration of ZT.
- DoD information Systems Secured and Defended – Cybersecurity practices incorporate and operationalize Zero Trust in new and legacy systems.
- Technology Acceleration – Technologies deploy at a pace equal to or exceeding industry advancements.
- Zero Trust Enablement – Department- and Component-level processes, policies, and funding are synchronized with Zero Trust principles and approaches.
Implementing Zero Trust will be a continuous process in the face of evolving adversary threats and new technologies.
Additional Zero Trust enhancements will be incorporated in subsequent years as technology changes and our Nation’s adversaries evolve.
The Department of Defense Zero Trust Strategy and Roadmap can be found at the DoD CIO library.