An official website of the United States government Here's how you know

Zero Trust

By U.S. Army Cyber CommandMarch 14, 2023

Illustration of the key and binary code password
Illustration of the key and binary code password (Photo Credit: Spartak) VIEW ORIGINAL

What is Zero Trust (ZT)?
The Department of Defense (DoD) and the National Institute of Standards and Technology define ZT as an “evolving set of cybersecurity paradigms that move defenses from static, network-based perimeters to focus on users, assets, and resources." ZT assumes that no implicit trust is granted to assets or users based solely on their physical or network location or asset ownership, and continuously authenticates, authorizes, and validates access to systems, applications and data. ZT systems go beyond managing entry, inserting security checks throughout entire systems, tagging data and verifying interaction, identification and verification of every part of a network from users to devices such as computers, servers, printers, phones and radios.

What is the Army ZT Functional Management Office and what are its objectives?
The Army recently established a ZT Functional Management Office (A-FMO ZT) to synchronize, integrate, implement, and execute the service-wide implementation of ZT in alignment with DoD and Army directives and objectives. Its vision is to create an Army unified network secured and defended by a ZT Architecture (ZTA) that enables the Army to operate as part of a joint or coalition force during competition, crisis, or conflict in support of Multi-Domain Operations.

To ensure unity of effort and implementation the A-FMO ZT executes its mission in close cooperation with a wide range of stakeholders. With the A-FMO ZT as its center, the Army core is comprised of policy organizations, including the Army Chief Information Officer, Army G-6, the Army Cyber Center of Excellence, and the Army Futures Command Cyber Capabilities Development Integration Directorate; operational organizations, including Army Cyber Command and the Army Network Enterprise Technology Command; and agencies such as the Assistant Secretary of the Army (Acquisition, Logistics and Technology), Army Program Executive Offices, and the Army Futures Command Network Cross-Functional Team that engage in both policy development and operations.

This is supported by a large community of interest participating in ZT deployment across the Army and DoD, including the DoD Chief Information Officer; the Defense Information Systems Agency; the U.S. Navy and its Fleet Cyber Command; the National Security Agency; the Joint Staff Chief Information Officer (J-6); the Army Principal Cyber Advisor; the Army Deputy Chief of Staff for Operations, Plans and Training (G3/5/7); the Defense Acquisition University; Army Futures Command; the Army Training and Doctrine Command; Army Forces Command; Army Materiel Command; and partner organizations in industry and academia.

What is the way ahead for ZT development?

The DoD has outlined several objectives for enabling and advancing ZT development, such as automating cyber and ZT with artificial intelligence; creating dynamic access control; building interoperability with secured data; continually updating ZT-enabled technology; visualizing and breaking down silos; simplifying architectures; automating data management; ensuring operations and performance are aligned and ZT supporting functions are effectively resourced; streamlining and accelerating acquisition and deployment of ZT capabilities; and building a workforce across the DoD that embraces and is committed to ZT cybersecurity.

The Army’s way ahead involves continuous improvement, optimization and integration of an Army Unified Network to achieve ZT target levels by 2027; maturing ZT gap analysis to inform related technology decisions and implementation for operationalizing Army ZTA; partnering with leading experts in government, industry and academia for additional opportunities to advance, accelerate and validate ZT solutions, integration and interoperability; continuing to align with DoD ZT directives, goals and objectives to establish an Army ZT Roadmap and Implementation Plan; and collaborating with generating and operational forces to develop and implement ZT curriculum, implementation guides and lessons learned.

What is the desired end state for the Army’s ZTA?
The Army aims to ensure secure information at all operational levels, providing users with access to required resources from any device from any location, enabled by:
-- A data-centric ZTA
-- Hybrid cloud resource hosting
-- A service edge for brokered access to resources and control of internet access
-- Cloud-based, internet-accessible unified endpoint and security management
-- An internet accessible identity provider
-- Logging, analytics and automated response

For a full look at the DoD ZT Strategy and ZT Capability Roadmap, and ZT planning and execution, go to https://dodcio.defense.gov/Library/.

To download a copy of this fact sheet and check out more Army Cyber and cybersecurity related fact sheets, go to https://www.arcyber.army.mil/Resources/

-----------------------

ABOUT US: United States Army Cyber Command directs and conducts integrated electronic warfare, information and cyberspace operations as authorized, or directed, to ensure freedom of action in and through cyberspace and the information environment, and to deny the same to our adversaries.

ARCYBER on the web: https://www.arcyber.army.mil
ARCYBER on Twitter: https://twitter.com/arcyber
ARCYBER on LinkedIn: https://www.linkedin.com/us-army-cyber-command
Army.mil cyber page: https://www.army.mil/armycyber

Interested in the challenge of joining the Army Cyber team? Check out military and civilian cyber career and employment opportunities by clicking on the "Careers" tab at www.arcyber.army.mil

Members of the Army Reserve and Army National Guard in the Signal, Cyber, Military Intelligence, Information Operations, Electronic Warfare, Civil Affairs and Psychological Operations fields interested in tours with Army Cyber Command can get more information at https://www.arcyber.army.mil/Careers/Reserve-Component-Tours-with-Army-Cyber/

The Army Cyber Direct Commissioning Program allows qualified service members and civilians with cyber-related qualifications and/or experience to join the Army’s Cyber Corps with a direct appointment as a commissioned officer? To learn more, check out our fact sheet at https://go.usa.gov/xJwXx