b'ZZero trust is a priority in cybersecurity policy throughout the DOD. What is your agency doing to implement zero trust?Duchak: Zero trust architecture is something the federal government is very focused on right now, as it should beit enables cyber analysts to think beyond the perimeter security mentality, including the unit of control for cybersecurity, which has traditionally been the IP address. We would build perimeters or moats to keep out certain IPs and let in others. With zero trust, the IP is replaced by identity as the unit of control or trust. Its based on the idea that organizations need to proactively control all interactions between people, data and information systems to reduce security risks. This means we need to verify the human, the machine, the connections between machines, between humans, and between humans and machines. So, while the typical network-centric approach to cybersecurity generally assumes that users inside a network can be trustedin We recognize that zerothe zero-trust security model, users and devices both inside and outside the network are, by default, considered trust isnt some sort ofnot trustworthy. Therefore, it continually assesses, authenticates and authorizes access which enables our appliance or applicationdefenders to find and remove adversaries from the network.you place on yourFor DLA, we recognize that zero trust isnt some sort of appliance or application you place on your network. We network. We know itsknow its more about a mindset change. We are currently more about a mindsetenmeshed in a significant digital-business transformationthe first one in more than 20 yearsthat is enabling us to change.rethink our business model, our value proposition and with that, our business processes. Part of our modernization - Dr. George Duchak effort is to implement the zero trust strategy which embraces those tenants to build secure software in our DevSecOps software factory from the start. This includes re-platforming to a single sign-on user persona that automatically limits where a user can traverse on our network while giving the right user, the right access, at the right time.Little: When people think of zero trust, they think of cybersecurity, locking out and authentication, but a lot of things go into that framework. Youre looking at different areas inside the ecosystem, from the cloud all the way out to securing the edge. For example, theres a lot of devices now with 5G that have dual radios. If Im tied into a secure slice, lets say classified collateral, and I have access to the internet, theres an ability for crossover there. I have to be able to secure my UE [user equipment] as well. While were not heavily focused on the UE here, we do have a big concern about that and were working with others.Securing the Nations Network|Page 5'