DOD Chief Information Officer Says Zero Trust Could Have Prevented Document Leak

The Department of Defense’s chief information officer said zero trust would have made it easier for officials to detect and prevent the national security document leak that happened in April.

John Sherman, a 2023 Wash100 winner and a speaker at the Potomac Officers Club’s upcoming 4th Annual CIO Summit, said during the Armed Forces Communications and Electronics Association’s TechNet Cyber conference that the DOD has been struggling with document leaks for years.

The Pentagon published its zero trust transition strategy in November, envisioning a full zero trust adoption by the fiscal year 2027, Defense News reported Thursday.

Leaders across the U.S. military have shared sentiments similar to those of Sherman’s regarding zero trust. Don Yeske, the chief technology officer of the Department of the Navy, said in a C4ISRNET interview in April that the zero trust principle automatically assumes that networks are either compromised or will be inevitably compromised.

The U.S. military is working to get zero trust up and running across the U.S. On Monday, the Defense Information Systems Agency sought information from vendors that can provide an orchestration capability to a zero trust program for the DOD Information Network.

Elsewhere in the federal government, the Cybersecurity and Infrastructure Security Agency released an updated version of the Zero Trust Maturity Model, which focuses on five main pillars: identity, devices, network, data and applications and workloads.