Cybersecurity measure
DISA Implements New Thunderdome Zero Trust Architecture
The Defense Information Systems Agency has rolled out the Thunderdome zero trust security and network architecture program to various locations, including in the Pacific and the Pentagon. Booz Allen Hamilton developed the prototype under a $6.8 million contract awarded in January 2022.
Speaking at a recent FCW and Nextgov workshop, DISA Deputy Director Chris Barnhurst said his agency concluded the prototype project but plans to continue improving Thunderdome through a follow-on production other transaction authority and expand its implementation to more locations, Federal News Network reported.
Thunderdome was built as a replacement for the Joint Regional Security Stacks deployed in the Department of Defense in 2013. The $2.2 billion JRSS has been helping the DOD improve cyber defense by reducing the number of vulnerable network entry points that hackers could use to compromise systems. A DOD inspector general, however, found 14 critical and high-level vulnerabilities that the system failed to address. According to a 2019 IG report, the JRSS weaknesses could result in unauthorized access to the DOD information network.
At AFCEA’s TechNet Cyber event in 2022, DISA Cyber Development Directorate Technical Director Drew Malloy said Thunderdome has a wider scope than JRSS. The current system deals with a mid-tier security stack but the new architecture secures endpoints, the applications data layer and other critical network components, the official explained.
DISA plans a gradual transition from the JRSS to Thunderdome as part of a network modernization effort. According to a previous DISA press release, Thunderdome will streamline DOD’s endpoint security solution set and improve its security posture as the Defense Department invests in new cloud technologies.
Category: Cybersecurity