Algo más sobre esta nueva iniciativa: https://dodcio.defense.gov/Portals/0/Do ... rategy.pdf
...
Introduction
This Zero Trust Strategy defines an adaptive approach for how DoD must champion and accelerate the shift to a Zero Trust architecture and framework that secures and protects DoD Information Enterprise (IE)6 within the Joint Information Environment (JIE)7 and pecifically the DoD Information Network (DODIN). 8 The intent of the strategy is to establish the parameters and target levels necessary to achieve Zero Trust (ZT) adoption across systems and networks (e.g., Nonclassified Internet Protocol Router Network (NIPRNet) and Secret Internet Protocol Router Network (SIPRNet)). This approach emphasizes the need for DoD and its Components9 to embrace evolving technology while adapting and responding to known and unknown malicious actors. It involves the full breadth of takeholders in the DoD ZT Ecosystem10 and allows strategic implementation to begin immediately.
Zero Trust is the term for an “evolving set of cybersecurity paradigms that move defenses from static, network-based perimeters to focus on users, assets, and resources."11 At its core, ZT assumes no implicit trust is granted to assets or users based solely on their hysical or network location (i.e., local area networks versus the Internet) or asset ownership (enterprise or personally owned).12 This shift in philosophy is a significant change in legacy authentication and security mechanisms. It also represents a major cultural change that stakeholders throughout the DoD ZT Ecosystem, including the Defense Industrial Base (DIB), will need to embrace and execute beginning with FY2023 through FY2027 and in the future.
...