DoD ZERO TRUST
REMEDIATION. IMPLEMENTATION. MANAGEMENT.
Metis Defense helps organizations work towards the all-important goal from the Department of Defense (DoD) and other agencies in adopting and implementing Zero Trust architecture environments for their information systems. In a push to adopt for stringent information security and cybersecurity controls, the DoD, with it's Zero Trust Strategy and Roadmap, has laid out how it plans to move beyond traditional network security methods to achieve reduced network attack surfaces, enable risk management and effective data-sharing in partnership environments, and contain and remediate adversary activities over the next five years. Current and future cyber threats and attacks drive the need for a Zero Trust approach that goes beyond the traditional approach that stresses a mere perimeter defense.
Zero Trust implementation will be a continually evolving process in the face of escalating adversarial threats and newly developing technologies. Additional Zero Trust enhancements will be incorporated in ensuing years as technology changes and our Nation's adversaries evolve.
What is Zero Trust Architecture
Per NIST SP 800-207 Zero Trust Architecture, "Zero Trust is the term for an evolving set of cybersecurity paradigms that move defenses from static, network-based perimeters to focus on users, assets, and resources. Zero Trust assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location (i.e., local area networks versus the Internet) or based on asset ownership (enterprise or personally owned).”1 Zero Trust (ZT) requires designing a consolidated and more secure architecture without impeding operations or compromising security. The classic perimeter/defense-in-depth cybersecurity strategy repeatedly shows to have limited value against well-resourced adversaries and is an ineffective approach to address insider threats.
DoD Vision for Zero Trust
ZERO TRUST CULTURAL ADOPTION
All DoD personnel are aware, understand, are trained, and committed to a Zero Trust mindset and culture and support integration of ZT.
DOD INFORMATION SYSTEMS SECURED & DEFENDED
Cybersecurity practices incorporate and operationalize Zero Trust in new and legacy systems.
TECHNOLOGY ACCELERATION
Technologies deploy at a pace equal to or exceeding industry advancements.
ZERO TRUST ENABLEMENT
Department- and Component-level processes, policies, and funding are synchronized with Zero Trust principles and approaches.
These measures, and much more, ultimately affect contractors within the larger Defense Industrial Base (DIB) apparatus. Bottom line, it’s not only the DoD and other federal agencies who need to work towards Zero Trust - it’s all the hundreds of thousands of federal contractors in the DIB.
How Metis Defense Can Help with DoD Zero Trust
Strategy
Implementation & Execution
Design
Continuous Monitoring
Benefits of a Zero Trust Architecture
Increased threat protection against both internal and external threats
Increased visibility and transparency
Increased data privacy protection
Accurate inventory of organizational assets
Improved monitoring and alerting
TRUSTED
Trusted Advisors to both Federal Agencies and Federal Contractors
RESPECTED
Well-known and Respected Throughout the Federal Agency Apparatus
UNIQUE
A Unique Combination of Knowledge, Expertise, and Capable Manpower
