Traditionally, that meant collecting and sending data back to command facilities in Hawaii or the continental U.S. for analysis and response. But in fast-changing operational environments, that approach is quickly becoming outmoded and unreliable.

This scenario highlights both the challenge commanders face and the strategic shift underway across the military. The decisive advantage no longer rests solely on the movement of troops and materiel—but on the ability to move and process information faster, more securely, and with greater operational relevance than adversaries.

Achieving that kind of information advantage means being able to deliver real-time insights to warfighters in the field—especially in environments where communications are disconnected, disrupted, intermittent, or limited (DDIL). This isn’t just a technical upgrade; it’s a strategic imperative.

Underlying this shift is the growing expectation that actionable intelligence will reach those on the front lines faster than it reaches our adversaries. That expectation is driven in no small part by the commercial experience most consumers have become accustomed to – e.g., the ability to track deliveries en route and notifications when they arrive.  

Conflict planning and logistics in contested DDIL environments are obviously more complicated, which is all the more reason why the advantage lies with those who have an information advantage. That requires assessing, processing, and disseminating vast amounts of data quickly at the edge.

Gaining the data edge

“In many regards, data is the five-five-six round of the next war,” said John Sahlin, vice president for defense cyber solutions at General Dynamics Information Technology (GDIT), referring to the standardized rifle cartridge used by NATO forces. “It has become the lynchpin to enhance the decision-making process for advantage.”

That advantage depends on more than just collecting data. It requires turning it into usable intelligence faster than adversaries can react.

“The core problem is latency,” explained Matt Ashton, partner customer engineer at Google Public Sector. “Until recently, the immense volume of data from sensors, drones, and logistical trackers required the processing power and AI available primarily in distant cloud computing centers.”

“Our DOD customers struggle with the current status quo at the edge because they can’t run true AI,” said Ashton. “So data has to get sent back to the mother ship to crunch the data and get a resolution. The massive differentiator now is our ability to provide AI at the edge.”

According to both industry experts, the solution lies in a combination of powerful, ruggedized edge computing platforms and AI models specifically engineered for defense use that can operate independently, even when completely disconnected from high-capacity networks.

Google, for example, provides this capability through its Google Distributed Cloud (GDC), a platform designed to bring data center capabilities to the field.

“GDC was built to run so it never has to ‘call home.’ It can sit on the Moon or a ship. It doesn’t have to get updates,” Ashton said. “It’s a family of solutions that includes a global network, but also features an air-gapped GDC box that connects to the Wide Area Network and other on-prem servers not on the internet.”

This allows commanders on submarines, at remote bases, or in forward-deployed positions to run AI and analytics locally and process vast sensor data streams in-theater without waiting on external links.

Why mission-specific AI models matter

However, raw computing power is only part of the equation. Commercial AI models often lack a nuanced understanding of military operations. This is where operationally relevant AI models developed by GDIT that translate raw data into relevant, actionable intelligence are crucial.

Sahlin compared the role of mission-specific AI models to a speedometer in a car. “What it measures is the revolutions per minute of the axle. What it reports is how fast you’re going in miles per hour,” he explained. “That’s the kind of insight that only comes from real-world familiarity with military operations.”

“A clear grasp of operational objectives is key to developing models that are tuned to real-world demands of each mission,” said Sahlin. “So that may mean multiple mini-models to translate data into relevant insights.”

Sahlin also explained why applications built on an open data architecture model are crucial to adaptability at the edge.

“The real value of an open data architecture, particularly in the defense industry, is that it’s a very decentralized platform. Logistics is a classic example of commercial, local, last-mile delivery providers working with many sources. In the military, you won’t have a single source or model. This is where open architecture is critical.”

Security remains foundational to all of this. Sahlin noted that while the military can benefit from commercial innovation, it still needs to ensure higher levels of security than commercial operators. So it’s also essential that the military’s AI development partners have a deep understanding of the Defense Department’s zero trust security practices and requirements, which apply to the broader base of defense suppliers in the DOD’s supply chain.

“GDIT’s value lies in its longstanding experience supporting defense missions,” Sahlin said. “We work with clients to gather the right data, build tailored models, and deliver intelligence to the edge, even in DDIL conditions where units may be disconnected or intentionally silent.”

Looking ahead

By combining a platform like GDC with mission-specific AI models from GDIT, military logistics teams can move from reactive support to proactive planning, anticipating needs, reallocating resources, and outmaneuvering adversaries.

As operational demands grow more complex and communications become more contested, defense leaders say gaining an information advantage at the edge isn’t just important, it’s essential for mission success.

Learn more about how GDIT and Google Distributed Cloud can help your organization deliver at the edge more proactively.

This article was sponsored by GDIT and Google Cloud.

The post The new frontline: Winning the information war at the tactical edge appeared first on DefenseScoop.

The secretary’s order, signed Friday but first made public Tuesday, came after an eye-opening investigation by ProPublica revealed Microsoft had been relying on China-based engineers to support DOD cloud computing systems.

Short on specific details, Hegseth’s order enlists the CIO — with the support of the department’s heads of acquisition and sustainment, intelligence and security, and research and engineering — to “take immediate actions to ensure to the maximum extent possible that all information technology capabilities, including cloud services, developed and procured for DoD are reviewed and validated as secure against supply chain attacks by adversaries such as China and Russia.”

Hegseth first referenced his order in a video posted to X on Friday, in which he said, “some tech companies have been using cheap Chinese labor to assist with DoD cloud services,” calling for a “two-week review” to make sure that isn’t happening anywhere else in the department’s tech supply chains.

The secretary, in both his video and the new memo, stopped short of calling out Microsoft specifically. However, a spokesperson for the company has since stated publicly that it has made changes to “assure that no China-based engineering teams are providing technical assistance for DoD Government cloud and related services.”

“This is obviously unacceptable, especially in today’s digital threat environment,” Hegseth said in the Friday video, claiming that the system at the center of the incident is “a legacy system created over a decade ago during the Obama administration.”

He added: “We have to ensure the digital systems that we use here at the Defense Department are ironclad and impenetrable, and that’s why today I’m announcing that China will no longer have any involvement whatsoever in our cloud services.”

The memo itself calls on the department to “fortify existing programs and processes utilized within the Defense Industrial Base (DIB) to ensure that adversarial foreign influence is appropriately eliminated or mitigated and determine what, if any, additional actions may be required to address these risks.” Specifically, it cites the Cybersecurity Maturity Model Certification (CMMC) — the final rule for which, as of Wednesday, is undergoing regulatory review with the Office of Management and Budget — acting CIO Katie Arrington’s new Software Fast Track program, and the FedRAMP process as existing efforts the Pentagon CIO should rely on to ensure the department’s tech is secure.

Within 15 days of the order’s signing, DOD’s Office of the CIO must issue additional implementing guidance on the matter, led by department CISO Dave McKeown.

On top of that, it taps the undersecretary of defense for intelligence and security to “review and validate personnel security practices and insider threat programs of the DIB and cloud service providers to the maximum extent possible.”

The post Hegseth calls on DOD CIO to protect tech supply chain from influence of China appeared first on DefenseScoop.

Leslie Beavers, who also served as acting DOD CIO for a period at the end of the Biden administration and during the early days of the second Trump administration, will step down as DOD principal deputy CIO at the end of September.

“The Office of the CIO would like to congratulate Principal Deputy DoD CIO Leslie Beavers who announced today that she will be stepping down from her position at the end of September after more than 30 years of uniformed and civilian service,” reads a LinkedIn post from the DOD CIO’s office. “From projects such as Mission Partner Environment and the standup of the Cyber Academic Engagement Office to work to accelerate Identity, Credential, and Access Management enterprise solutions, Ms. Beavers’ unique blend of uniformed, civilian, and private industry experience drove success and innovation.”

Beavers also played a key role in the Office of the CIO’s delivery of its Fulcrum IT strategy in 2024 with then-CIO John Sherman.

In an exclusive interview with DefenseScoop, Beavers detailed the genesis of Fulcrum, which has become the guiding strategic framework for the Pentagon’s IT modernization.

“It was really important to crystallize the department’s vision into what success looks like, which is what we are attempting to do here in Fulcrum because I am trying to get program managers across the department — not just within the CIO organizations, but in all the different weapon systems program offices — to make decisions a little differently, to make them with the user experience in mind, to make them with interoperability as a priority first and really defining what success looks like, and giving them that vision,” she said.

When Sherman stepped down from the CIO role at the end of June 2024, Beavers filled it temporarily until Katie Arrington was appointed to perform the duties of CIO in March. Since then, Beavers retained her deputy role, supporting new efforts under Arrington’s leadership like the Software Fast Track initiative and “blowing up” the Risk Management Framework.

It’s unclear what Beavers’ next role will be after her departure or who will take her place when she officially leaves. DefenseScoop reached out to the Pentagon for comment.

Prior to serving as principal deputy CIO, Beavers was director of intelligence surveillance and reconnaissance enterprise capabilities in the Office of the Under Secretary of Defense for Intelligence & Security and an intelligence officer in the Air Force at the rank of brigadier general. She also held roles in the private sector with GE and NBC Universal.

The post Deputy CIO Leslie Beavers leaving DOD appeared first on DefenseScoop.

Randy Resnick, senior advisor of the Zero Trust Portfolio Management Office in the DOD, said Wednesday that the department is developing those guidance documents as expansions and variations of the 91 baseline “target-level” zero-trust activities it has already released for industry models to meet.

The new IoT and OT guidance are expected sometime in September, Resnick said at the GDIT Emerge: Edge Forward event, produced by FedScoop.

DOD uses what it refers to as “fan charts,” Resnick said, to lay out the various security controls vendors must build into their zero-trust solutions to meet the baseline for military services and defense agencies. In total, there are 152 controls — 91 at the target level and 61 at the advanced level, which “offer the highest level of protection,” the department said in guidance from 2024.

Resnick said that the fan chart for operational technology is “different” than that of the 91 activities needed to meet target-level compliance, though “there’s a lot of overlap.”

“The number of activities to hit target-level OT is different,” he explained.

For securing IoT systems with zero trust, Resnick said it’s essentially the same 91 target-level activities, plus two additional controls.

Explaining why it was necessary to build out additional overlays for OT and IoT systems, he said the way you respond to an incident is quite different, especially for operational technology.

With OT, Resnick said, “You want to have it fail open, or you want to have it fail in a way that doesn’t disturb or cause more mischief or harm than you want.”

Once those pieces of guidance arrive in September, just one more such directive remains for the DOD to issue: zero-trust overlays for weapons systems, said Resnick.

With the 2027 deadline looming, Resnick said he feels like “we’re in good shape,” especially after his office was spared in recent DOGE cuts, he said.

He explained that the department continues to experience successful pilots with industry that meet target or advanced levels of zero trust. And with more of those solutions taking shape, it’s getting closer to the point where DOD organizations will be able to “just buy it, implement it, install it, and pretty much get there before the end of [2027],” Resnick said.

The hard part will then be installing the solutions, he explained.

“We’re talking professional services and a whole army of people that are probably going to be required,” Resnick said. “We’re talking about full swap-outs and new infrastructures. This is not a small problem … I certainly hope that industry is thinking like that.”

The post Pentagon zero trust guidance for IoT and OT coming in September appeared first on DefenseScoop.

During Senate and House subpanels, military leaders and members of Congress outlined force cuts and budget reductions that have led to risks in missions for special operations forces because, in many cases, the head of Special Operations Command has been forced to tell combatant commanders “no” when they request capabilities.

Headlining the details outlined on Capitol Hill in recent days is the fact that SOCOM has had a flat budget since 2019, leading to a 14% decrease in purchasing power and a 5,000-person reduction in forces across the command over the last three and a half years. That includes reducing roles in communications, logistics, intelligence, civil affairs and psychological operations, and specifically a reduction of 3,000 personnel for military information support operations.    

“SOCOM has operated under stagnant budgets. The limitation of SOF end strength was a very short-sighted decision at a time when SOF capabilities are needed more than ever. We must change course now,” Sen. Joni Ernst, R-Iowa, the chair of the Senate Armed Services Subcommittee on Emerging Threats and Capabilities, said during a hearing Tuesday afternoon. “That is why I intend to work with the DOD to rebuild SOCOM’s budget. Given SOF’s critical role in national security, this is a wise and cost-effective investment.”

That view was shared among other members of the panel, as well as their counterparts in the House.

“I would like to plus them up … A big bump up in funding for the SOF community,” Rep. Morgan Luttrell, R-Texas, a retired Navy SEAL, told DefenseScoop in an interview Tuesday. “I know for a fact that they are hurting for funding lines, for pots of money in certain places, through discussions with the leadership. My stance is: Hey look, I’m going to work as hard as I can with the members in [House Armed Services Subcommittee on Intelligence and Special Operations] and with the committee to get you what you need, which we are having those discussions.”

A bump in funding for SOF will provide more placement and access for units forward-deployed, Luttrell said. Their global footprint and ability to flex at a moment’s notice provide a defensive posture that exceeds traditional measures, he said, whereas if conventional forces are required to show up, “we are in trouble.”

Sen. Elissa Slotkin, D-Mich., ranking member of the Subcommittee on Emerging Threats and Capabilities, noted that, like how Space Force was excluded from taking cuts, her hope was these high-demand mission sets would be taken into consideration as well.

“[I] just would hope that if there’s someone who’s picking and choosing missions that are going to be cut versus protected, I know you’re advocating, but that we realize that the units that are in highest demand should not be taking the same haircut as everybody else across the force,” she said.

Members of Congress led witnesses in talking about how the cuts to purchasing power and end strength have hurt special operations forces’ ability to meet the requirements of combatant commands, with SOCOM Commander Gen. Bryan Fenton explaining how it’s hurt his ability to offer support.

Combatant command requests are up 35 percent in the last three years due to the need for deterrence, Fenton said. Special operations forces bring a variety of capabilities in the way of building relationships, developing access, providing indications and warnings, closing kill webs or kill chains, and giving commanders options and opportunities they wouldn’t otherwise have in the hopes of preventing a drawn-out conflict.

“Where we’ve had to say, ‘no,’ I’ll give you a number: Last December in one of the global force management tanks, I had to say no 41 times to request[s],” Fenton told members of the House Armed Services Subcommittee on Intelligence and Special Operations on Wednesday. “It’s a high compliment that this SOF team is that value proposition to the entire department … [Why] we couldn’t do it, my sense, and I’ll wind this down for you, is two reasons: There’s certainly a capability and capacity piece against the great humans that do that work. And as you know, we’ve been reduced in the past couple years by up to 5,000. But there’s also now a fiscal constraint that’s pulling at us based on an increasingly decreasing top line that now comes into play.”

Others warned of the proposed eight percent cuts the Department of Defense is seeking across the board in a measure to reduce inefficiency and redundancy.

“I’m not a doctor, but if I was, it would be cutting into bone. We are already lean and efficient,” Colby Jenkins, the official performing the duties of the assistant secretary of defense for special operations and low-intensity conflict, said when asked by Rep. Jason Crow, D-Colo., what an eight percent cut would look like.

To that, Crow added: “There’s no fat in SOCOM. You’re lean and mean as you’re supposed to be.”

Jenkins replied that special forces leaders are doing their best to avoid the negative impacts of DOD-wide budget cuts at all costs.

Aside from deterrence, the cuts in personnel and resources have also hurt SOCOM’s ability to modernize, particularly as the character of war changes, slowing its ability to adopt new technologies such as uncrewed systems, artificial intelligence, additive manufacturing and autonomy.

Fenton described that due to a 14 percent reduction in buying power, which equates to about $1 billion, his command is unable to acquire capabilities that might be able to provide asymmetry on the battlefield.

To stress the importance of that, he used the backdrop of the conflict in Ukraine, where the Ukrainians have been outmatched in terms of legacy capabilities — tanks, missiles, airplanes and helicopters — against the Russians, but adopted asymmetric tools to impose costs on Russian forces and stay in the fight.

“From the modernization piece first, I think first and foremost, the risk is not winning, not being able to complete the mission in the future environment,” Fenton said. “We’re taking risks there, the inability to get after the things I think that are asymmetric, that are part of the changing character of war, to do it at speed. You could add anything uncrewed, artificial intelligence, additive manufacturing, autonomy, all that. I think we’re accruing high risk because we as SOCOM are not able to get after that based on a flat top line.”

Fenton noted that, additionally, the acquisition system needs significant modernization to keep up with these emerging technologies driving the changing character of warfare.

He called the current system “outdated” and “glacial,” designed for the old world of aircraft carriers and airplanes, but not suited for the modern battlefield.

“But what we’re seeing through the lens of Ukraine needs to be an acquisition and procurement system that is hyperspeed, supersonic. Because over there, we’re watching the changes in minutes, hours and days,” Fenton told members of the House.

He added that requirements must be addressed and updated by reducing the number of people involved in them to enable a faster cycle between operator, commander and acquisition, such as allowing those downrange to directly inform requirements.

The cycles could also be faster.

“As I think about the requirements process, certainly the buckets of time give us an opportunity to think through multi-year processes,” Fenton said. “Two years might see multi-year. I think to all of us, multi-year probably needs to be five-to-10 years so we can move at the speed and evolution of what we’re seeing out on the battlefield.”

Fenton also advocated for consolidating the “colors” of money and compressing multiple funding pots. Within the DOD, funds are divided into separate categories of operations and maintenance, procurement, and research and development, and they must be used only for those purposes, negating flexibility to move around additional allocated funds if needs require more in another pot.

“I think there’s a way to take a lot of that off, compress the multiple lines to just a couple and really modernize there,” Fenton said.

The post Lawmakers fearful of SOCOM cuts, possible risk to mission appeared first on DefenseScoop.

She assumed the role effective Feb. 18.

A familiar face, Arrington comes back to the Pentagon where she was the chief information security officer for the department’s acquisition and sustainment organization during the first Trump administration.

She was best known for starting the Pentagon’s Cybersecurity Maturity Model Certification program over six years ago, which aims to improve the cybersecurity posture of the defense industrial base and contractors by requiring minimum cyber standards to win contracts.

Arrington previously ran for Congress in South Carolina. Prior to exiting government, she was embroiled in a scandal that saw her security clearance revoked before eventually reaching a settlement.

In the role, Arrington will be expected to provide policy and technical expertise on DOD-wide oversight on all matters related to cybersecurity, including protecting critical infrastructure from cyber threats, coordinating cybersecurity standards and delivering information dominance to defeat adversaries.

Arrington posted on LinkedIn announcing her role.

The post Katie Arrington returns to DOD as CISO appeared first on DefenseScoop.

The Department of Defense submitted a proposed rule that, once approved, would incorporate new cyber requirements into all contracts for vendors who want to do business with the U.S. military that involves sensitive but unclassified information.

Under the CMMC 2.0 program, any contractor or subcontractor that does work with the DOD involving what’s referred to as controlled unclassified information or federal contract information must obtain — or in some cases self-attest to — one of three levels of CMMC compliance, depending on the sensitivity of the information involved in the work.

Specifically, the new proposal, published in the Federal Register, aims to amend the Defense Federal Acquisition Regulation Supplement to implement those cybersecurity requirements in contracts as part of the larger CMMC 2.0 program — which itself is in the middle of the federal rulemaking process kickstarted with a separate rule proposal last December after a previous iteration of the CMMC program with more stringent requirements failed.

That previous proposed rule put forth in December 2023 would establish the CMMC program into federal law, laying out “requirements for a comprehensive and scalable assessment mechanism to ensure defense contractors and subcontractors have … implemented required security measures to expand application of existing security requirements for Federal Contract Information (FCI) and add new Controlled Unclassified Information (CUI) security requirements for certain priority programs.”

This latest proposed rule looks to complement that by spelling out how that program will be implemented in DOD contracts.

“These amendments require at the time of award the results of a current CMMC certificate or CMMC self-assessment, at the level required, for all information systems that process, store, or transmit FCI or CUI during contract performance, when a CMMC level is included in the solicitation,” the proposed rule reads.

It also includes a few other key clarifications for the administration of CMMC in defense contracts once these two rules are final. Notably, Thursday’s proposal spells out a phased rollout of requirements into contracts over the subsequent three years.

“In order to implement the phased rollout of CMMC, inclusion of a CMMC requirement in a solicitation during this time period will be determined by the program office or requiring activity after consulting the CMMC 2.0 requirements” laid out in the December 2023 proposed rule, the latest proposal says. “During the phase-in period, when there is a requirement in the contract for CMMC, CMMC certification requirements must be flowed down to subcontractors at all tiers, when the subcontractor will process, store, or transmit Federal contract information (FCI) or CUI, based on the sensitivity of the unclassified information flowed down to each of the subcontractors in accordance with the proposed CMMC 2.0 requirements.”

Once that period ends, CMMC will be in effect for all DOD contract solicitations.

More granularly, the newly proposed rule sets requirements for contracting officers to ensure bidding contractors are CMMC compliant, issues an updated definition for controlled unclassified information — the distinguishing element for contracts that require CMMC compliance — and introduces a provision to notify contractors when there are CMMC requirements in a contract, among other things.

Now, the clock starts on the comment period for the proposed rule, which will run through Oct. 15. At that point, the DOD will sort through any comments and make tweaks as necessary before submitting the rule for final approval to the Office of Information and Regulatory Affairs to be issued as a final rule.

Given the current timing, if things go smoothly during the next steps of the rulemaking process, the phased rollout of CMMC could begin sometime in mid-to-late 2025.

The post Pentagon a step closer to CMMC starting line with new contract rule proposal appeared first on DefenseScoop.

During a presentation at DefenseTalks in May 2024, Wes Anderson, vice president, defense operating unit, at Microsoft Federal, not only highlighted AI’s far-reaching impact across sectors but also its implications for the Department of Defense (DOD).

“We all know this is a time of great power competition, one with unprecedented near-peer competitors that have the will, economic means and an industrial base to enable their ambitions,” said Anderson. “One of the questions I often get is, how can you help the DOD bring innovation to their mission, and how can you help us accelerate pace? An area where we’re seeing that potential is with AI.”

AI in action

A pivotal moment in AI’s advancement was the emergence of ChatGPT, which demonstrated AI’s capability to achieve mass adoption rapidly. While technologies like mobile phones took 16 years to reach 100 million users and the Internet took 7 years, ChatGPT achieved this milestone in just 60 days in January 2023. “This swift adoption highlights a significant leap from traditional AI to generative AI, powered by advanced foundational models trained on vast datasets using cloud-based supercomputers,” he said.

Anderson cited a collaboration between Microsoft’s Azure Quantum team and Pacific Northwest National Labs to reduce dependency on lithium by developing new battery materials. Traditionally, this process would take years, but with AI and cloud-based supercomputers, the team reduced 30 million candidate elements to one viable electrolyte in just two weeks. “This breakthrough illustrates AI’s potential to revolutionize research and development timelines across various fields, including the defense sector,” said Anderson. “Ultimately, these models can help us make informed decisions across massive amounts of disparate data and will benefit how the Defense Department does business and executes its mission.”

AI’s impact also extends to enhancing workforce efficiency. Anderson cited Microsoft and LinkedIn’s 2024 Work Trend Index Annual Report, which revealed that two-thirds of employees feel they lack the time or energy to complete their work, hindering innovation and strategic thinking. AI can alleviate this burden by automating routine tasks and enabling workers to focus on more critical, value-added activities. In the defense sector, Anderson said AI can help the U.S. address the shortage of people and skills to help defend the nation by enabling better decision-making and upskilling. 

Secure and ethical AI implementation

However, Anderson also acknowledged that the DOD faces unique challenges in adopting AI, particularly concerning data security. To address this, he discussed the deployment of GPT-4 within secure environments, ensuring that sensitive information remains protected while leveraging AI’s capabilities. “This approach exemplifies how AI can be integrated into critical operations without compromising security, thereby driving innovation and efficiency within the defense sector,” said Anderson.

In addition, ethical considerations are paramount when it comes to AI deployment within the DOD. Anderson stressed the need for responsible and ethical AI practices that align with the DOD’s guidance. “Implementing guardrails ensures AI is used in ways that are safe, fair, and beneficial to all stakeholders,” he said.

Adapting to an AI-driven future

Anderson also underscored the importance of cultural and organizational change alongside technological adoption. AI’s full potential can only be realized if the workforce adapts to new ways of working. “It’s not just about the technology. The technology can enable you to move really quickly, but it’s only going to be as quick as your workforce can move,” said Anderson. “So, you have to change the culture. You have to change how people work by bringing them along from the start and letting them get comfortable with AI.”

While AI holds transformative potential across industries and within the DOD, realizing its full benefits requires a balanced approach that integrates technology with cultural and ethical considerations and prioritizes both technological advancement and workforce adaptation.

Learn more about how Microsoft can help government organizations transform in the era of AI, sign up for news and updates at https://aka.ms/AIforGovUpdates.

This article was produced by Scoop News Group and sponsored by Microsoft.

The post How the DOD can harness AI for innovation and efficiency appeared first on DefenseScoop.

The Pentagon’s zero trust portfolio management is moving quickly to assess and validate zero-trust solutions created by industry vendors to reach what it considers “target levels” of zero trust before the end of fiscal 2027. The cybersecurity framework assumes networks at any given time are compromised by adversaries, and therefore the department needs tools to constantly monitor and authenticate users and their devices as they move through a network.

But there is currently no method to continuously assess those solutions after they are fielded to DOD components to assure the architecture works the same as it did when it was first authenticated, according to Randy Resnick, director of the Pentagon’s zero trust portfolio management office.

“What we need is a tool … that is constantly going after [zero trust] infrastructures, that is constantly testing against that configuration that was passed,” Resnick said Tuesday during a presentation at AFCEA’s TechNet Cyber conference. 

Resnick’s office is now formulating a five-step process that will assess and validate a zero-trust solution before it is able to be procured by DOD components, and then use that assessment to independently and continuously test the infrastructure to ensure it is still properly protecting the network, he said.

Much of the Pentagon’s independent assessment process is conducted via purple teaming, a method that tests and analyzes both how adversaries and cyber defenders move and interact in the environment. However, Resnick said there is a “tremendous effort” to reduce the amount of purple teaming done for zero trust implementation.

“We don’t have enough time; we don’t have enough people. It is a drain — they have other missions that they need to do,” he said. “But if we can figure out a way to truly, independently test in a portable way and work in an industry environment, a neutral environment, something that costs extremely little, … that is relatively quick [and] where we could accelerate the number designs to throw into purple teaming — that’s what we’re looking for.”

Prior to going through the process, vendors will be required to tell the department how many zero-trust activities their proposed solution will achieve. The Pentagon’s 2022 zero trust strategy outlined 91 activities that cover minimum data security requirements for target levels of zero trust and an additional 61 activities defined as the full set of capabilities for “advanced levels.”

Vendors would then move through the first three steps of the process, each of which involves multiple assessments and tests of the proposed zero trust solution to validate whether it meets target levels and create a baseline infrastructure that will be used to compare the design against once it’s deployed. 

First, vendors will use a zero trust readiness assessment tool to evaluate their solution to determine if there are any gaps or additional activities it needs to reach, Resnick explained. Then, the solution will go through an automated threat-based cyber assessment in a simulated lab specifically configured to test the environment based on its design and intended threat environment, he said.

In the third step, advanced persistent threat teams would conduct independent “purple team assessments” of the zero-trust solution that test and analyze both how adversaries and cyber defenders move and interact in the environment. Using data from the previous two steps, teams would create a tailored and detailed test plan to complete a robust examination of the zero trust solution and produce a “purple team report,” Resnick said.

If the report determines a vendor’s solution meets zero-trust target levels, “we’ll make a recommendation to the DOD [Chief Information Officer] to give it a thumbs up for the DOD to approve that configuration for employment and procurement,” he said. “That would be the gate to allow the components to assuredly procure target- or advanced-level ZT solution prior to 2027.”

The goal is to create a “menu of solutions” that DOD components can eventually choose from across all three courses of actions outlined in the zero trust strategy’s capability execution roadmap, Resnick noted.

The approved solution would then move into step four, which is the zero trust overlays for the risk management framework, he said. The guidance document describes how to apply security controls across the Defense Department through a phased implementation approach, helping standardize overall zero trust adoption and develop capability gap analysis for officials.

Finally, the Defense Department will use a continuous monitoring assessment tool configured to monitor for configuration drift and other potential issues. Configured with all 152 zero trust activities, the tool will run over 300 attacks a day on the infrastructure and compare it to the baseline created earlier in the approval process, according to a chart shown in the presentation. If a solution strays too far from its known design, officials at Joint Force Headquarters – Department of Defense Information Network will be notified of the breach, Resnick said.

“Conceptually, we believe that this spectrum creates repeatable processes that are independent enough to allow creativity [and] innovation, but it has certain government checkpoints where everybody has to meet, where the output leads into another thing,” he noted. “This way, we think we’re going to get the best designs implemented in the Department of Defense.

The post DOD working on continuous assessment process for deployed zero-trust solutions appeared first on DefenseScoop.

Tim Phillips, AARO’s acting director on assignment from the Office of the Director of National Intelligence, shared the first public details about these in-the-works, sensor-equipped Gremlin “kits” during the Wednesday briefing, which was more broadly focused on the office’s release of the congressionally required “Volume I Report on the Historical Record of U.S. Government Involvement with UAP.” That report is attached below.

“We’re working with some of the government labs, such as the Department of Energy labs, and we have a great partner with Georgia Tech. And what we’re doing is developing a deployable, configurable sensor suite that we can put in Pelican cases. We’re going to be able to pull it to the field to do a long-term [collection]. Since the UAP target — that signature is not clearly defined — we really have to do hyperspectral surveillance to try to capture these incidents,” explained Phillips, who stepped into the AARO lead role when its inaugural director Sean Kirkpatrick departed last year.

The AARO team began developing the sensors and associated capabilities for Gremlin in October. 

The team is currently experimenting with Gremlin at “a very large range in Texas,” where officials have been testing the system against known drone-type targets, and some unknown targets as well, Phillips noted.

“It’s picking up a lot of bats and birds. We’re learning a lot about solar flaring. We’re really starting to understand what’s in orbit around our planet and how we can eliminate those as anomalous objects,” he said. 

From there, the plan is to present the system to Defense Department leadership to deploy in response to reports of UAP encounters at militarily significant locations or near U.S. critical infrastructure.

“If we have a national security site and there are objects being reported that trend within restricted airspace, or within a maritime range, or in the proximity of one of our spaceships, we need to understand what that is. And so that’s why we’re developing a sensor capability that we can deploy in reaction to reports,” Phillips said.

Among its many congressional mandates, AARO is tasked with providing a secure mechanism via which DOD-official (and eventually other) users can submit reports of possible UAP observances that could threaten national security.

“In the last month, we closed about 122 cases that were reported to AARO — 68% of those cases we assessed to be some form of what I call ‘AARO garbage’ — balloons, trash that’s up there in the atmosphere that our advanced sensors were able to detect,” Phillips said.

“We do see an increase in resolved cases where we identified [unmanned aircraft system] technology. So, we’re starting to see more UAS out there being reported through operational channels,” he added.

To date, the 18-month-old office has evaluated about 1,200 cases associated with the military services.

“We approximately receive anywhere between 90 and 100 to 110 a month from the operating forces,” Phillips said. 

As cases are resolved (and, if needed and possible, unclassified), they’re posted and reflected on the office’s public website. 

“We’re hoping that the more transparent, the more that we can declassify and post to our site is going to demystify this topic,” the acting AARO chief noted. 

Another major congressional requirement for the office is the creation of a two-volume report on the U.S. government’s involvement with UAP. 

The direction came after multiple whistleblower reports from former U.S. defense officials who shared personal accounts of what they alleged are government-concealed encounters with what they think could be craft and technologies of “non-human origin.”

The first volume, released Friday, contains AARO’s findings, spanning from 1945 to Oct. 31, 2023. Volume II will include any findings resulting from interviews and research completed from Nov. 1, 2023, to April 5

“In a way, I’m really happy to get this behind us because I want to support the warfighter. I want to go after the cases that we received this week. As for where I want to be, I want to have my officers out in the field, talking to witnesses trying to gather and preserve evidence, trying to work with the services and the other departments in the government on how to preserve data when there are incidents, helping to write force protection standards, so I can capture this in real-time. Doing it forensically, after the fact, is difficult,” Phillips said. 

Broadly, the new Volume I report states that AARO found no verifiable evidence that any reported UAP sighting has represented extraterrestrial activity, that the U.S. government or private industry has ever had access to technology of non-human origin, or that any information was illegally or inappropriately withheld from Congress. 

Officials highlight multiple examples and explanations of government accounts, programs and existing technologies associated with UAP claims.

“AARO assesses that alleged hidden UAP programs either do not exist or were misidentified authentic national security programs unrelated to extraterrestrial technology exploitation,” Phillips said in the briefing.

Notably, however, many past government-handled UAP cases — and investigations in AARO’s current portfolio — remain unsolved.

During the briefing this week, Phillips also declined to answer several questions from reporters, including those about how many people currently work in his office and the number of officials involved in developing the Gremlin System.

Despite repeatedly reiterating commitments to public transparency regarding AARO’s findings, the media engagement was invite only and Pentagon press officials limited attendance to only those invitees.

Phillips also did not confirm whether AARO has resolved any cases with “transmedium” or shape-shifting objects, or breakthrough technologies generated by the U.S., China or Russia.

“As far as other advanced technologies — there’s been some cases, but we can’t discuss that here,” Phillips told DefenseScoop.

The post DOD developing ‘Gremlin’ capability to help personnel collect real-time UAP data appeared first on DefenseScoop.