A team from the U.S. Coast Guard Academy participated in the National Security Agency’s 20th annual National Cyber Exercise (NCX), a three-day cyber competition that tests the offensive and defensive cybersecurity skills virtually, April 8-10, 2021. The Coast Guard Academy recently instituted a Cyber Systems degree to meet the needs of the services cyber security strategy of defending cyber space, enabling operations, and protecting infrastructure. (U.S. Coast Guard photo by Petty Officer 2nd Class Hunter Medley)

From CISA to the NSA to DOD, the government is moving towards a Zero Trust posture. (U.S. Coast Guard photo by Petty Officer 2nd Class Hunter Medley)

WASHINGTON: The Defense Information Systems Agency announced today it awarded Booz Allen Hamilton a $6.8 million contract to develop the first prototype for Thunderdome, its zero-trust security and network architecture program.

With Thunderdome, DISA wants to move away from the “siloed nature of the classic defense-in-depth security model” and toward “integrating security from the end user all the way to the data being accessed,” the agency said in a release.

Over the next six months, DISA plans to produce a working prototype that’s scalable across the Defense Department and operationally test how to implement its Zero Trust Reference Architecture by taking advantage of commercial technologies like Secure Access Service Edge (SASE) and Software Defined-Wide Area Networks, according to the release.

RELATED: DoD Launches New Zero-Trust Security Portfolio Office; CIO Talks Priorities

Thunderdome will incorporate all three basic zero-trust principles: verifying the user and device, conditional access and privileges, and data- and application-centric protections.

“As an enhanced security set of capabilities, Thunderdome will greatly help to defend and guard our systems against sophisticated adversaries,” the release says. “Thunderdome will modernize DISA’s cybersecurity infrastructure to significantly improve our security posture as well as improve user access to cloud hosted applications by enabling dynamic, adaptable security from the user to the data and application edge.”

The prototype will align with several federal government cybersecurity modernization efforts, DISA said, to include President Biden’s executive order on improving the nation’s cybersecurity and the DoD chief information officer’s Digital Modernization Strategy.

RELATED: Biden Signs Memo to Secure DoD, IC National Security Systems

“As part of this modernization, Thunderdome will enable the streamlining of DoD’s endpoint security solution set, enhance our security posture as we continue to invest in cloud technologies and implement new security capabilities,” the release says. “SASE technology will be used to supplement the current perimeter defense function and allow for direct internet access for DoD applications, regardless of hosting environment.”

DoD’s phasing out of DISA’s Joint Regional Security Stacks program, which aimed to consolidate all post, camp and station networks into a series of regional networks, last year prompted the agency to develop a new zero-trust security and network architecture.

The award comes just days after DISA’s chief, Lt. Gen. Robert Skinner, said his agency is going to be leaning more on the private sector to help solve complicated IT and cybersecurity problems, including balancing security with usability.

“We don’t want to be risk averse, but also we don’t want to be risk reckless,” he told an AFCEA DISA luncheon last week.

Latest from Breaking Defense

vista
FJdqJ5XXEAQF05z
An F-35, $100 bill and the Capitol