As the Department of Defense (DoD) and other federal agencies continue their journey toward a zero trust future – they are adding cybersecurity controls closer to the data itself instead of relying on traditional perimeter security. Against this backdrop, the conversation around open technology continues to gain momentum. The principles of openness — transparency, interoperability, and flexibility — are vital in ensuring that solutions avoid vendor lock-in and can evolve alongside mission needs. But openness by itself, while valuable, can fall short if it doesn’t align with standards and commercial innovations that deliver faster time-to-value and reduced costs.
In this post, I’ll explore why the combination of open technology, open standards, and commercial platforms offers the most robust path forward—one that aligns with operational goals, policy priorities, and budget realities.
The Case for Open Technology
Open technology fosters flexibility by ensuring that agencies are not beholden to a single vendor. It provides the tools and frameworks necessary for organizations to create mission-specific solutions. However, implementing purely open solutions often requires significant customization, integration, and ongoing maintenance, which can:
- Delay deployment
- Increase costs for development and operation
- Require specialized expertise
The Solution? Combine Openness with Standards and Platforms
Standards and Platforms: Accelerating Value and Lowering Costs
To maximize the value of open technology, agencies should align with open standards and adopt commercial platforms that build upon these standards. Here’s why:
- Open Standards: Standards like the Zero Trust Data Format (ZTDF) provide a common framework for protecting sensitive data across diverse environments. They enable interoperability, enforce consistent policy controls, and simplify compliance with DoD and intelligence directives.
- Commercial Platforms with Open Cores: Platforms like Virtru’s Data Security Platform, powered by OpenTDF, deliver the flexibility of open technology while providing pre-built capabilities that accelerate deployment. These platforms:
-
- Reduce the need for custom development
- Offer built-in features like encryption, access controls, and audit logging
- Allow organizations to achieve operational readiness faster and at a lower total cost
- Create an ecosystem of adopters that collectively benefit from advances to the platform and learn from each other
In summary: Open technology is good. Open technology aligned with standards is better. Open technology aligned with standards and delivered through commercial platforms is best—delivering flexibility, compliance, and rapid time-to-value.
Budget Implications: Maximizing Impact in a Constrained Environment
The DoD’s cybersecurity budget reflects both the urgency of its mission and the need to allocate resources wisely. For fiscal year 2025, the DoD has requested $14.5 billion for cyberspace activities, including nearly $1 billion for zero-trust initiatives. However, a significant portion of this funding still supports traditional perimeter-centric controls, such as network and endpoint security.
To achieve maximum impact, the DoD should consider shifting a greater share of its budget toward data-centric controls, which offer long-term strategic advantages:
- Enhanced Collaboration: Securely share data with coalition partners without compromising control.
- Zero Trust Alignment: Protect sensitive information at the data level, reducing reliance on vulnerable perimeters.
- Cost Efficiency: Leverage commercial platforms that deliver open technology and advanced functionality out of the box, avoiding costly customizations.
- Improved Security: Protecting data reduces the potential of insider threats and ensures that data remains protected outside of the system boundaries that it was created in.
By balancing perimeter-centric investments with increased funding for data-centric approaches, the DoD can accelerate its transition to all things zero trust and a modern, resilient cybersecurity architecture.
Why This Matters
In today’s threat landscape, protecting sensitive data while enabling secure collaboration is essential. Open technology provides a strong foundation, but aligning it with open standards and commercial platforms amplifies its value and accelerates adoption across the enterprise. This approach reduces time-to-value, lowers costs, and ensures compliance with mission-critical policies.
At Virtru, we’re proud to deliver solutions that embody this philosophy:
- ZTDF ensures consistent, standards-based security.
- OpenTDF provides a transparent, flexible core.
- The Virtru Data Security Platform adds commercial-grade functionality to accelerate adoption.
Together, these elements enable organizations to achieve secure collaboration, operational agility, and mission success—without vendor lock-in.
A Call to Action
As we look ahead, it’s clear that the future of cybersecurity lies in openness, standards, and innovation. At Virtru, we’re committed to working with federal agencies to advance this vision. If you’d like to learn more about how Virtru can help your organization achieve faster, more secure data-sharing, let’s connect.
Schedule a demo today to explore the Virtru Data Security Platform in action.
