Defense Information Systems Agency senior leaders discussed how the agency provides a resilient and secure network infrastructure to the warfighter and how zero trust architecture will reinforce those networks during the Federal Networks 2023 conference in Pentagon City, Virginia, Thursday, Sept. 28.

From the president down to the deployed warfighter, DISA must be prepared, in any manner of crisis, contingencies or conflicts, to deliver information anywhere in the world, said Christopher Barnhurst, DISA’s deputy director, during his keynote address.

Thunderdome, DISA’s zero trust network access and application security architecture, is leading the DOD’s move toward zero trust. The program is built on three foundational pillars: verify the user and the device they’re using; make access to data, systems, applications and privileges conditional for each user; and verify data and applications explicitly.

“In today's environment, we're seeing widescale, persistent, increasingly sophisticated cyber-attacks against our IT networks, our infrastructure, and all that is aimed at affecting our warfighters and their ability to do what they do,” said Barnhurst.

Thunderdome demonstrates DISA’s commitment to zero trust by combining various tools to defend the network. In July, DISA awarded a follow-on production other transaction authority agreement for Thunderdome, moving the bar to meet National Defense Strategy and the DOD’s zero trust goals.

“As we think about moving to zero trust, what we think about is an integrated set of capabilities that protect data and not necessarily focus on protecting the network. It’s worth emphasizing that we're not trying to leave the front door open either,” Barnhurst said. “There still are boundary protections that need to be in place.”

Brian Hermann, the director of DISA’s Cybersecurity and Analysis Directorate, echoed not leaving the front door open while emphasizing the need to simplify everything --from the backend network and Thunderdome to the user experience.

“I think removing the Joint Regional Security Stacks from the network is going to be part of simplification as well,” Hermann said. “But on the back end, we also have some legacy applications that have done things their own way for a while. I think making those available to application owners and getting after the challenge of how we manage our data, is crucial to having a simplified user experience.”

Thunderdome is just one part of a larger ecosystem and architecture in the realm of trust when it comes to DOD networks. Still, it is a key component of being the combat support agency that gets information to the warfighter when they need it, Barnhurst said.

“We've got to have the resilient infrastructure that's secured in order to deliver that information where it's needed,” Barnhurst said.