Advertisement

DOD to demonstrate zero trust, data-centric security capabilities with allies during live exercise

The upcoming multinational demonstration will help inform the Pentagon's work to enable international integration for CJADC2.
Listen to this article
0:00
Learn more. This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment.
U.S. Marine Corps Sgt. Logan Schell, a joint tactical air controller assigned to 2nd Air Naval Gunfire Liaison Company, II Marine Expeditionary Force Information Group, monitors aircraft camera footage during a digitally aided close air support event as part of Bold Quest ‘24 at Marine Corps Base Camp Lejeune, North Carolina, Oct. 31, 2024. Bold Quest ‘24 is a joint staff sponsored, multinational venue designed to enhance and develop interoperability. (U.S. Marine Corps photo by Cpl. Maurion Moore)

The Defense Department plans to demonstrate new security frameworks during a live, multinational exercise next year as part of a larger effort to mature Combined Joint All-Domain Command and Control (CJADC2).

The Pentagon is planning to implement a novel mission partner environment architecture on a live network in support of a maritime mission being led by the United Kingdom in 2025. The goal is to employ zero trust and data-centric security capabilities on a federated architecture, composed of “multiple secure, collaborative data services between partners and hosted users,” a spokesperson for the office of the Joint Chiefs of Staff told DefenseScoop in a statement.

“This enables us to create a global information sharing capability,” the spokesperson said.

The event will leverage previous work done by the Pentagon’s Project Olympus, according to a department news release. Led by the Joint Staff’s J-6 directorate for command, control, communications and computers/cyber, the effort looks to solve challenges that prevent international allies and partners from sharing critical warfighting data by testing, developing and integrating various enabling technologies via experiments and demonstrations.

Advertisement

During the 2025 maritime mission, the United States, United Kingdom and Canada will utilize zero trust and data-centric security capabilities that were previously tested during Project Olympus 2024, including the Indo-Pacific Mission Network and Collaborative Partner Environment, according to the spokesperson.

Other international participants include Norway, Australia, Chile, Spain, France, India, Italy, Japan, Republic of Korea, Malaysia, Oman, New Zealand and Singapore.

“As part of this activity, we will assess command and control effectiveness and performance and CJADC2 capability maturity relative to a primary line of effort within the CJADC2 Strategy, Modernize Mission Partner Information Sharing,” the spokesperson said.

CJADC2 is the department’s new warfighting concept that aims to connect disparate systems operated by the U.S. military and international partners under a single network to enable rapid data transfer between all warfighting domains.

Although the Pentagon announced earlier this year that it had developed a “minimum viable capability” for CJADC2, there are still a number of technology and policy hurdles that inhibit the department’s ability to effectively share information with allies. As a result, the U.S. is adopting new mechanisms — such as zero trust and data-centric security standards — that allow for protected information sharing.

Advertisement

“We’ve historically looked at security as the antithesis for information sharing,” Jim Knight, the United Kingdom’s lead for Project Olympus, said in a Pentagon news release. “The security folks come in and want to sort of clamp down. With zero trust and data centric security, they are security mechanisms, but they are enabling information sharing.”

Zero trust is a cybersecurity framework that assumes adversaries are already moving through IT networks, and therefore requires organizations to continuously monitor and validate users and their devices as they move through the network.

The strategy differs from traditional “perimeter-based” security models that assume all users and devices can be trusted once already inside a network. It requires Pentagon components to modernize their IT infrastructures, as well as adopt new governance processes.

“I think that’s a key focus point,” Knight said. “For the first time, we’re getting that balance right in terms of applying more security. And by applying more security, we’re getting greater information sharing.”

Mikayla Easley

Written by Mikayla Easley

Mikayla Easley reports on the Pentagon’s acquisition and use of emerging technologies. Prior to joining DefenseScoop, she covered national security and the defense industry for National Defense Magazine. She received a BA in Russian language and literature from the University of Michigan and a MA in journalism from the University of Missouri. You can follow her on Twitter @MikaylaEasley

Latest Podcasts