TĐH: Traditional cybersecurity strategies are no longer sufficient for today’s cyberwar. The Zero Trust strategy is a new concept in cyberwar. To help understand this concept, I post here a paper by the US Department of Defense entitle “DOD Zero Trust Strategy.” This concept will involve not just DOD or military institutions, but also many private enterprises and individuals. Indeed, it involves the entire nation. I select the DOD presentation to post because, by nature of its job, DOD is probaly concerned about cybersecurity more than anyone else. Below is the Foreword of the DOD paper.

DOD ZERO TRUST STRATEGY

Download full paper >>

Foreword

Our adversaries are in our networks, exfiltrating our data, and exploiting the Department’s users. The rapid growth of these offensive threats emphasizes the need for the Department of Defense (DoD) to adapt and significantly improve our deterrence strategies and cybersecurity implementations. Defending DoD networks with high-powered and ever-more sophisticated perimeter defenses is no longer sufficient for achieving cyber resiliency and securing our information
enterprise that spans geographic borders, interfaces with external partners, and support to millions of authorized users, many of which now require access to DoD networks outside traditional boundaries, such as work from home. To meet these challenges, the DoD requires an enhanced cybersecurity framework built upon Zero Trust principles that must be adopted across the Department, enterprise-wide, as quickly as possible as described within this document.