The Defense Department's chief information officer told senators on Capitol Hill today that the department is working swiftly towards implementing a "zero trust" computing environment and adopting cloud computing.
"At last, the department has access to enterprise cloud capabilities from four world-class U.S. vendors’ at all three security classification levels from the continental United States to the tactical edge," said John B. Sherman during testimony before the Senate Armed Services Committee's cybersecurity subcommittee.
The department's Joint All Domain Command and Control effort, as well as work involving artificial intelligence and machine learning, software modernization, and cybersecurity, will all benefit from the corporate cloud, Sherman told lawmakers.
"[Zero trust] is predicated on the assumption that an adversary might already be on our network, and we must prevent them from moving laterally and gaining access to our most critical data," Sherman said.
The department's plans to go beyond conventional network security measures are outlined in the Zero Trust Strategy and Roadmap. These include reducing network attack surfaces, enabling risk management and efficient data sharing in partnership environments, and containing and remediating adversary activities over the course of the next five years.