An upcoming wargame at U.S. Indo-Pacific Command will test zero-trust, the network-security approach that the Pentagon is betting can keep enemies at bay, keep allies from accessing certain secrets, and keep troops connected–even in combat.
INDOPACOM is building a network dubbed the Mission Partner Environment that will allow U.S. service branches and regional partners like the Philippines and Taiwan to share data they need without accessing unrelated classified files. It is built using zero-trust principles which are based on the assumption that all devices on a network could be compromised. Instead, they authenticate users.
INDOPACOM’s “multinational mission force network has gone 100% zero-trust” Rear Adm. Stephen Donald, the deputy commander of U.S. Tenth Fleet, said on Monday at the Association of Old Crows’ annual conference in Maryland.
As part of Exercise Keen Edge in early 2024,INDOPACOM will test how far it has come in implementing zero-trust and how that will affect real-time information sharing and security during a fight.
“We’re going to actually exercise with our multinational partners,” Donald said. The partner can only access the data they have been cleared to or authorized for. And it’s all controlled by a built-from-the-ground-up zero trust network. And we’re gonna see how well that works.”
Longer-term, the Navy hopes partners will adopt zero-trust more fully into their own security frameworks and practices.
“How can we work together to build zero-trust standards that are natively integrated into weapon systems? I think that’s gonna be a longer road, but we’ll see how this initially plays out,” he said.
Exercises like Keen Edge build on significant work the Pentagon has already done with coalition partners to build zero-trust solutions that work for the military, Rear Adm. Susan BryerJoyner, the deputy director for command, control, communications, and computer/cyber systems on the Joint Staff, said Monday.
Eighteen months ago when she began her job, BryerJoyner said, “Everybody was talking about zero trust and every conversation about zero trust and data-centric security was talking about an enterprise network,” as in, at the large cloud level.
But while the Defense Department is embracing enterprise cloud, following in the footsteps of large companies, the department’s security requirements–particularly for those operators close to combat where adversaries are using advanced electronic warfare tactics–are very different. They require both faster and more secure data sharing than is the case in the commercial world, she said. When I looked at the situation, I thought, “This will not help in a cyberspace or contested environment when we are trying to control and command that battle.”
That realization caused the Defense Department set up a number of summits titled Security Interoperability in the Tactic Environment (SITE), bringing in 8 coalition partners including the United Kingdom.
“We cannot afford to have delays at the enterprise-level. She said that this is the level of work we do with our coalition partners to ensure that, from day one, we are interoperable.
The post The military’s zero-trust plans are about to face a big test appeared first on Defense One.