Zero trust implementation
Navy Official Says Zero Trust Could Have Cushioned Impact of DOD File Leaks
Don Yeske, the Department of the Navy’s acting chief technology officer, said the recent leak of classified documents on the instant messaging platform Discord could have been detected sooner had the Department of Defense completed its implementation of zero trust. He explained at a C4ISRNET conference that zero trust assumes a breach has occurred, leading to continual checks on users and devices.
Yeske added that file access under that cybersecurity approach is checked against a set of policies, potentially allowing the identification of suspicious activity patterns.
DOD Chief Information Officer John Sherman previously said that the internal zero trust rollout would be finished by 2027. To that end, the department issued a strategy and road map for such efforts in November 2022.
Sherman, a 2023 Wash100 awardee and upcoming speaker at the Fourth Annual CIO Summit, said the 2027 deadline is “ambitious” but essential as adversaries advance their cyber capabilities.
According to Yeske, the Navy is proceeding well on its zero-trust implementation, adding that the 2027 deadline “is mostly realistic if the service can stay on course,” C4ISRNET reported.
Category: Cybersecurity