The U.S. Department of Defense Information Network – comprised of more than 15,000 unclassified and classified networked and cloud environments – is one of the world’s largest networks of networks. For the U.S., it is arguably the most sensitive conglomeration of networks.
The Defense Information Security Network, the backbone of DoDIN, is also reportedly subjected to nearly 800 million cybersecurity incidents per day, making the advancement of DoD’s cybersecurity strategy a vital and time-sensitive priority.
Recent events – such as COVID-19 prompting security requirements to support a surge in virtual work, the evolving ransomware epidemic, and the Russian-Ukrainian clash – have further transformed the way that government has to approach security.
As a result, the zero trust framework has gained broad, if overdue, attention. Due to the complexity of zero trust, supplemental guidance is critical to its successful widespread adoption.
For a network as complex and sensitive as the DoDIN, the task becomes all the more challenging. As such, the DoD launched Comply-to-Connect, a comprehensive framework that, unlike its predecessors, demands visibility of all assets (both non-traditional and traditional) across the DoDIN’s extensive enterprise.
Leveraging least privilege
C2C, which leverages zero trust’s least privilege principles to safeguard access to data resources and assets, provides the foundation of the DoD’s zero trust journey through its two main objectives:
— C2C fills existing capability gaps in currently fielded enterprise security solutions through complete device identification, device and user authentication, and security compliance assessment.
— C2C automates routine security administrative functions, remediation of noncompliant devices and incident response through the integration