HERNDON, Va. — The Pentagon, like all federal agencies, has to comply with a new cybersecurity policy — issued last month by the Biden administration — that calls for government networks to use a “zero trust” architecture.
The Defense Department’s chief information officer John Sherman said Feb. 10 that transitioning satellite-based networks to this more secure architecture is going to require significant coordination with commercial satcom operators that provide services to DoD.
“Our global economy, our U.S. and allied economy, so much of that data moves through the space domain. And so defending this area is absolutely critical,” Sherman said at the AFCEA Space Force IT conference.
Space has become “the high ground that is constantly under threat even more so now that we face near peer competitors,” said Sherman.
Zero trust is a method for protecting networks founded on the idea that no user can be trusted, and requires strong authentication methods for users, data and devices.
DoD’s space systems are complex as many are connected to private networks and can be attacked on multiple fronts. The Pentagon is now looking at how it will implement the zero trust policy, said Sherman. “Zero trust is the assumption that the enemy is on your network right now, that the adversary is already on the network so you don’t trust anything.”
Sherman said DoD will have discussions with commercial satcom providers on what responsibilities they would have in the transition to zero trust networks.
When DoD and commercial networks are integrated, they have to operate as a seamless unit and not create gaps that an enemy might exploit, said Sherman. As new cybersecurity protocols are put in place, the government has to understand how far it can go in accessing industry partners’ proprietary networks and technologies that the industry considers its “secret sauce,” he said.
“So I think this is going to be something we’re gonna have to continue to look at and work closely with the Space Force,” Sherman said. “We’re going to have to be very mindful how we approach this.”
The Pentagon last month awarded Booz Allen Hamilton a $7 million contract for a six month pilot effort to figure out how a zero trust architecture would be implemented across all DoD information systems.