While many improvements are being made in cybersecurity within the U.S. Department of Defense (DoD), the improvements are not keeping up with adversaries. The traditional approach to combat attacks, known as perimeter security, has been to establish boundaries and keep intruders from crossing those boundaries. Perimeter security is still needed, but this approach alone is not effective enough. Given the trends of multiple devices, virtual private networks, Cloud applications, and remote access, perimeter security is more difficult than ever. This is where Zero Trust enters. Zero Trust is a cybersecurity strategy and framework that embeds security throughout the architecture to prevent malicious entities from getting in. It assumes trust can be exploited and emphasizes assuming a breach and trusting no one.
This briefing will examine Zero Trust and its underlying principles. It will provide participants with valuable information on this central element of cybersecurity as the DoD looks to the future. Zero Trust is much more than a set of tools to be implemented – it necessitates a total paradigm shift in culture and application of security principles.