Leslie Beavers, principal deputy chief information officer of the Department of Defense and a 2024 Wash100 awardee, said DOD has initiated efforts to establish a zero trust environment, such as defining the requirements from a capability standpoint and setting objectives for military services to meet the deadline for the capability by 2027.
“The services have submitted their plans to us, and those are currently being evaluated. There are more than 90 capabilities that are required to meet the basic level of zero trust,” Beavers told FedTech Magazine in an interview published Tuesday.
“We’re focusing on the required compliance capability at its highest level — tag the people, tag the data and audit. We’re well on our way,” she added.
Beavers stated that DOD will continue to implement perimeter defense and perform identity and access management and endpoint monitoring activities.
The principal deputy CIO discussed the challenges DOD faces when it comes to implementing zero trust, including the need to facilitate data sharing while safeguarding information, and cited efforts to upgrade existing technologies and buy new platforms to build zero trust.
When asked about the lessons learned that she could share with other CIOs, she said the process begins with “getting back to basics and doing basic cybersecurity.”
“With zero trust, you’ve got to know what you have and who’s on the architecture. Starting with the basics and getting really good at that is the first and biggest step. You do that as you start trying to map out your architecture so you can instrument it to tag the people, tag the data and audit it,” Beavers noted.
Beavers will deliver a keynote at the Potomac Officers Club’s 5th Annual CIO Summit on April 17. Register here to learn more about the latest modernization strategies and how industry can help meet the priorities of federal CIOs.