The Department of Defense (DoD) is requiring its components and military services to meet target level goals of the Pentagon’s Zero Trust Strategy by fiscal year 2027. But for the U.S. Army, this goal is especially challenging given its unique and large-scale operational environment.
During a GovCIO online seminar on July 18, Mark Kitz – the Program Executive Officer for the Army’s Program Executive Office for Command, Control and Communications-Tactical – outlined that the primary challenge for the Army in achieving the Pentagon’s Zero Trust Strategy objectives is developing a service-specific approach for implementing Zero Trust principles across its diverse spectrum of tactical and enterprise operations.
In 2022, DoD released its zero trust strategy and roadmap outlining how the agency plans to fully implement a department-wide zero trust cybersecurity framework by fiscal year (FY) 2027. The department laid out high-level goals — cultural adoption, security and defense of DoD information systems, technology acceleration, and zero trust enablement — to achieve that vision.
“Our biggest challenge has been how do we protect, defend, and deliver on zero trust pillars across this diverse scale of a tactical and enterprise Army,” Kitz said.
He explained that implementing zero trust at the scale of the Army requires do that in a wide range of environments – anywhere from a “battalion deploying with radios in austere networks to tens of thousands of Army families at Fort Liberty leveraging the network.”
Kitz also explained that to ensure that the service branch is making meaningful investments to implement the Pentagon’s zero trust goals it is gathering insight from industry and other Federal agencies to determine “how [to] implement zero trust in a meaningful way.”
“One of our challenges in this zero trust journey has been prioritizing our ability to protect and defend our network and our capabilities,” Kitz said. “We don’t want to spend tens of millions of dollars protecting a capability that may not benefit from that investment.”
He explained that given “the uniqueness of the Army” the service branch will focus on ongoing improvement, expert collaboration, zero trust gap analysis, aligning with DoD directives, and creating zero trust curriculum and implementation guides.
In November 2023, the DoD Chief Information Officer received 39 Zero Trust implementation plans from military services, defense agencies, and combatant commands. Version 2.0 of the implementation plans is due to DoD in October.
