The Department of the Air Force has completed its Zero Trust Implementation Plan, according to Justin Stolpman, director of the department’s Zero Trust Functional Management Office.
In a LinkedIn post published on Tuesday, Stolpman shared that the plan is built around defined steps and milestones to guide the Air Force and Space Force as they move forward in their adoption of zero trust.
Zero trust, he wrote, is not a new idea. With the recent increase in the number and complexity of cyberattacks, the concept has now “gained more attention and urgency,” than in years prior.
“By implementing Zero Trust, the Department of the Air Force aims to reduce its attack surface, improve its visibility and control over its assets and enable faster and more effective responses to incidents,” Stolpman said.
The plan is divided into seven domains, which include user, device, network, data, application, automation and visibility. Each segment of the strategy notes the area’s current state and ideal end state as well as gaps and challenges that should be addressed and actions and metrics needed to attain a zero trust framework.
The DAF’s strategy represents a key part of the broader Department of Defense push for DOD-wide zero trust adoption. On Tuesday, Randy Resnick, director of the Zero Trust Portfolio Management Office within the department’s Office of the Chief Information Officer, said the office has received 43 zero trust implementation plans that are now up for review.
He said that the department is “confident” that around 80 to 90 percent of the plans will reach set DOD standards, and he expects to go back and forth with organizations to perfect their strategies.
Zero trust is just one way the public sector is working to upgrade its information technology systems. At the Potomac Officers Club’s 5th Annual CIO Summit in April 2024, you will have the opportunity to hear from top IT experts on how the federal government is working to strengthen its digital capabilities. Click here to learn more, and click here to register for the event.