Barriers to a Unified Security Approach
Part of the problem is that some of the missions of different military branches and units are very specific and require zero-trust solutions tailored to, for example, airplanes or tanks, Stoyanov adds.
While intelligence sharing between branches will lead to synergies over time, that’s not how things have played out to date.
“I’m seeing the federal civilian side setting up groups for knowledge sharing,” Stoyanov says. “I’m not seeing that in DOD.”
EXPLORE: Why the Navy is expanding its AI capabilities.
The Pentagon also lacks an agency such as CISA driving network visibility efforts departmentwide as part of an initiative like the Continuous Diagnostics and Mitigation program.
Civilian agencies’ cloud platforms, data centers and computers can connect to networks, but the DOD has more hard assets, such as airplanes, that can’t do so for security reasons. That’s one of the reasons the Pentagon has more than 10,000 networks, the infrastructure for which needs consolidating, Stoyanov says.
Between his Common Access Card and usernames and passwords for various systems, Stoyanov says, he had to keep track of five user accounts while he was a federal employee. DOD applications must operate across those different infrastructures.
Click the banner below to learn how federal agencies are implementing zero trust architecture.