Cybersecurity leaders across the U.S. military said they are accelerating efforts to modernize networks, tighten access controls, and defend against evolving threats.
During a Feb. 10 webinar hosted by Federal News Network, officials outlined new programs to speed technology development, strengthen zero trust protections, and support operations in challenging environments.
Army Cyber Command advances agile development and threat hunting
Brig. Gen. Brian Wisniewski, deputy commanding general for reserve affairs at Army Cyber Command, said innovation is a priority for the organization when defending against cyber threats.
A major initiative the command is leveraging is the Transforming in Contact 2.0, which is designed to push emerging technologies – including electronic warfare prototypes and aerial jammers – directly into Army units to improve mobility and lethality.
Under the Transforming in Contact 2.0 initiative, a cyber development team “recently engineered and developed and implemented a series of tools that are actually in production now across the DOD Information Networks,” Wisniewski said. The tools were built and fielded using agile methodologies to streamline development and deployment.
Wisniewski also pointed to a new hunt assessment methodology developed by Col. Timothy Sikora and the Cyber Protection Brigade. The approach combines traditional cyber threat hunting with cyber operational readiness assessments and follow-on red team testing.
“What’s neat is the way they’ve anchored that in sort of a risk framework,” Wisniewski said, noting the model is informed by current cyber threat intelligence. That framework allows teams to prioritize limited resources on the most critical cyber terrain.
NGA pushes zero trust and continuous authorization
The National Geospatial-Intelligence Agency (NGA), like other Pentagon components, is working to meet zero trust standards outlined by the Defense Department (DOD), which was rebranded as the War Department by the Trump administration.
The DOD has worked since 2022 to implement a departmentwide zero trust framework for its IT systems, with full adoption set for fiscal 2027. It issued separate zero trust guidance for operational technology last year. The department plans to update its Zero Trust Strategy this year and provide additional guidance for weapon systems and defense critical infrastructure.
“Zero trust has brought our focus back to the need-to-know philosophy using technology as an enabler for an assumed breach mentality,” said Gary Buchanan, NGA’s chief information security officer. “The concept seems trivial; however, the enablement brings a cost.”
Buchanan said NGA is in year two of its implementation and on schedule to meet DOD’s timelines. He credited support “from the highest levels of government” for helping advance the effort.
Buchanan said NGA invested first in enterprise capabilities such as identity, access management, and auditing systems, then offered those services across the agency. For programs that cannot fully use enterprise tools, NGA developed an internal assessment tool, known as PICA, to identify gaps in zero trust capabilities and guide budgeting and planning.
Coast Guard ties cyber strategy to Force Design 2028 modernization
At the Coast Guard, cybersecurity is tied into its broader modernization strategy, Force Design 2028.
Ryan Bellack, deputy director for infrastructure and cybersecurity services, said the plan includes more than $25 billion in investment focused on people, organization, acquisition, and technology. The service also plans to add more than 15,000 service members – about a 30% increase – requiring secure systems that can support a larger, more distributed force.
Because the Coast Guard often operates in denied, degraded, intermittent, and limited connectivity environments, cyber resilience is critical, he observed.
A key cyber initiative is the Rapid Response Prototype Team, known as Raptor. The team brings together operators, cyber specialists, engineers, and acquisition staff to quickly develop and field secure technology.
“We start at the beginning with our operators … and they all have a shared vision of a mission outcome,” Bellack said. “In my experience, I think this is the fastest that I’ve seen government move while still delivering outcomes.”