Five Eyes Nations to Discuss Tactical Zero Trust
The U.S. military so far has explored zero-trust cybersecurity solutions primarily at the enterprise level but is now discussing the concept with officials in Australia, Canada, New Zealand and the United Kingdom.
The five countries collectively make up what is known as the Five Eyes nations because of their close cooperation on sharing intelligence.
Navy Rear Adm. Susan BryerJoyner, deputy director, Command, Control, Communications and Computer/Cyber Systems, J-6, Joint Staff, disclosed the discussions while serving on a panel at the AFCEA TechNet Indo-Pacific conference in Honolulu.
Adm. BryerJoyner noted that the military currently is implementing zero trust specifically at the enterprise level. “And I think we all intuitively understand that zero trust probably is not going to look the same in the tactical environment, nor should we try and force that enterprise solution to work in the tactical environment.”
RDML BryerJoyner @USNavy, Dept J-6, JAD-C2/DDJ6 @thejointstaff: How do we free the data from networks, from systems, and remember, C2 is a verb. That is what we have to be able to do. And fires control is a key part but we have 5 other warfighting functions as well #AFCEATechNet— Kimberly Underwood (@Kunderwood_SGNL) November 3, 2022
Therefore, Pentagon officials earlier this year began assessing security and interoperability in the tactical environment, asking such questions as what zero trust will look like for fire control systems, tactical networks and nontraditional information technologies.
“We had our first meeting in September. Our next meeting’s coming up in December, and we're bringing the five eye partners. We've invited them so we can start to talk about not just what it looks like for the U.S. forces but what it looks like as we're trying to share data at tactically relevant speeds in the operational environment—not bringing it back, although that's going to be important,” she said.
I think we all intuitively understand that zero trust probably is not going to look the same in the tactical environment, nor should we try and force that enterprise solution to work in the tactical environment.
She pointed out that the Pentagon works with the Defense Information Systems Agency (DISA) on enterprise zero trust, and she stressed the need for users to have only one identity that must extend out to the tactical environment.
“And how are we going to do it for our partners? That's really important. And so again, a partnership with the combatant commanders, for the services with DISA, with NSA [National Security Agency], with the IC [intelligence community], and now bringing in our [international] partners to figure out how we're going to share information in a secure way in a tactical environment.”