The Department of the Air Force’s Office of the Chief Information Officer has released a new strategy that seeks to implement a zero trust approach as part of the DAF’s efforts to protect critical assets and strengthen its resilience against evolving cyberthreats.
The DAF CIO announced the release of the Zero Trust Strategy in a LinkedIn post published Tuesday.
The strategy “lays out how the DAF needs to evolve as a department by simplifying access and enhancing network security for our Airmen & Guardians,” the department’s Office of the CIO said in a statement on the professional networking site.
According to the document’s executive summary, the zero trust initiative will include evolving to dynamic risk management.
“This evolution includes standardizing on a risk maturity model to measure risk management effectiveness, and shifting from system-based to mission thread-based risk management to complement automated and autonomous prevention, protection, and remediation capabilities. Together, these capabilities accelerate the adoption of next-generation warfare by simplifying digital access, without sacrificing speed or security,” the executive summary states.
The strategy outlines seven strategic goals: application-level visibility and control; data as the new perimeter; right access, to the right entity, for the right reason; reduce the risk created by any single device; access to protected resources anytime, anywhere; automated security responses based on security policies; and improve detection and reaction time.
Each goal has several objectives. The objectives of the third goal, for instance, include enabling universal multifactor authentication and standardizing continuous authentication and authorization.
Venice Goodwine, CIO at DAF and a 2024 Wash100 awardee, will be one of the keynote speakers at the Potomac Officers Club’s 2024 Air Defense Summit on July 23. Register here to know about important updates on cutting-edge technology adoption, modernization initiatives and more.