Last week, the Defense Intelligence Agency held the annual Department of Defense Intelligence Information Systems (DoDIIS) Conference. The event brought together over 5,000 decision makers, technical experts, stakeholders, and innovators within the DoD, IC, industry, academia, and FVEY partners to share their knowledge and insight on this year’s conference theme, “Transcending Strategic Competitors through Innovation, Adaptation, and Collaboration.” Maintaining a strategic and tactical advantage calls for collectively developing and unleashing emerging technologies that help us innovate, collaborate, and adapt in an ever-evolving landscape.
The words Zero Trust were heard frequently throughout the conference and on the exhibit hall floor. Interestingly, not too long ago, Zero Trust seemed to be the buzzword du jour and a good idea in theory, but it was a concept that many did not fully grasp.
Now, this is not the case and the DoD is dedicated to making it part of their daily vernacular as outlined in the recently released DoD Zero Trust Strategy. Bottom line: everyone in the DoD is expected to adopt this architectural framework and operate with a Zero Trust mindset to achieve cyber resiliency and ultimately thwart our adversaries.
Securing the DoD information enterprise requires a strong foundation. The DoD has defined seven foundational pillars of the Zero Trust DoD Security Model:
Historically, the attention was on making heavy investments in network-centric security capabilities and solutions–and rightfully so, as they are designed to keep outsiders from coming in. These technologies were aimed at augmenting and strengthening those first six pillars. However, the basic premise of Zero Trust assumes data breaches aren’t just from outsiders breaking into the DoD’s digital walls but that they can come from the inside as well. This begs the question of, “What safeguards are in place to protect the actual data objects itself, especially after it moves or is shared–internally and externally?” After all, data is a cross-domain, strategic asset and that is ultimately what our adversaries are after. This is where Virtru comes in with a data-centric approach.
“Ours is a world where everything starts with data,” said DoDIIS plenary speaker, Dr. Stacey Dixon, Principal Deputy Director of National Intelligence. “We have a particular responsibility to think and act strategically about data including the development of data management plans, plans to take and deliberate action from the point of collection and the point of acquisition of that data, all the way to its exploitation, dissemination, and its ultimate disposal.”
We could not agree more with Dr. Dixon. At Virtru, we say that we “Respect the Data.” We understand that data comes from many different places, intersects with numerous data sources and is handled by myriad people and parties across the globe. We also understand the nuances of data handling, ensuring policies are in place and compliance is met. We also realize that while data needs to have the highest protections, sharing data cannot be a friction-filled process. It must be discoverable and interoperable. When operating at the speed of war, data security is tantamount to delivering the RIGHT data to the RIGHT people quickly and at scale.
In line with the DoD Zero Trust Strategy, the time is now to Respect the Data Pillar. Virtru’s solutions can enhance your organization’s cybersecurity plans, allowing you to adopt a policy-driven, data-centric approach to protecting your data, everywhere it moves, for as long as it lives.
Our capabilities are built upon the Trusted Data Format (TDF) which leverages military-grade encryption to wrap data objects in a layer of security that remains with the data wherever it flows through email, files, and applications. TDF is an open standard that was born out of the Intelligence Community, created by Virtru’s Chief Technology Officer, Will Ackerly, during his time at the National Security Agency. TDF can be layered upon your existing applications and workflows, so there is no need to start from scratch as you fortify your Zero Trust architecture.
With Virtru, you have more power and control over your data. It can be shared without sacrificing security, privacy, or control…everything it means to respect the data pillar in your Zero Trust architecture. Virtru has other capabilities that make enhanced collaboration possible:
Virtru is trusted by over 7,000 customers and is trusted by federal agencies, state and local governments, and companies in the commercial sector. Contact federal@virtru.com to learn more about how we can equip your agency or organization to help you implement data-centric, Zero Trust security.