For the Marine Corps, the move to zero trust is as much about collapsing networks and consolidating cloud instances as it is about modernizing its approach to cybersecurity.
This network unification and modernization initiative is why the Marines believe making the Defense Department’s 2027 deadline to meet the initial requirements under zero trust is more than doable.
Shery Thomas, the cyber technology officer and technical director for the Marine Corps Cyberspace Command, the Marine Corps Space Command and the Marine Corps Information Command, said the service is moving quickly toward a zero trust architecture.
“We looked at both the threshold and the objective requirements [of zero trust] and in terms of what are the capabilities that are currently available on the Marine Corps enterprise network. How do I transpose that to the tactical edge? Because if you do it the other way around the tactical edge might be a little bit deficient, and we didn’t want to do that,” Thomas said in an interview with Federal News Network at the AFCEA and U.S. Naval Institute West conference in February. “The assistant commandant has a directive that says to unify the network, and the unification of the network helps in terms of the agility, the response to decision making and the advantage that we bring to our warfighters. I treat the network as an adaptive organism that continues to change.”
Thomas said his team is optimistic about where they are on the zero trust journey after looking at their current cyber capabilities and comparing it to the target architecture they have to reach by 2027 as laid out by the Defense Department chief information officer’s office.
“From the individual pillar standpoint, I’ve got a big data platform. I’ve got enterprise data coming in. I’ve got tactical data. I’m able to put more sensors on those networks and I’m able to figure out in terms of user behavior, user analytics and then transpose that into the both the big data platform and into security information and event management (SIEM) and security orchestration, automation and response (SOAR) short term analytics, storage, anomaly detection, the whole nine yards in terms of the totality of all of it,” Thomas said. “Why I can do that? Because I’m unifying the network. That’s a critical piece of it.”
Thomas said the Marines will no longer have to implement cyber capabilities on individual networks, allowing for standardization and optimization as well as the ability to ensure the cyber tools reach the tactical edge too.
Marines’ zero trust priorities
The Marines are moving from, for example, 17 different cloud instances that supported disparate networks like the ones used by the Marines Expeditionary Forces. Thomas said the Marines have been consolidating them into an enterprise network called the Marine Corps Enterprise Network and then finally the Marine Corps Warfighting Network.
“This will alleviate all of the problems in terms of individuals trying to get to that [zero trust] state, and then the entire Marine Corps, at one level, providing that,” Thomas said. “A tail to that is once the unification happens on the Marine Corps side, this will help in terms of the joint all-domain command and control (JADC2) interoperability with our service partners and coalition with our bilateral or any other partner nations. And then there’s this Cyber Command of in terms of big data platform, so once it’s all together, it helps in terms of a single repository containing all the information. I am not putting it into one platform or one tool, it’s a mesh.”
While the network consolidation continues, Thomas said the Marines have several ongoing zero trust priorities, including obtaining impact level five (IL5) for the unclassified network, improving the Marines Corps’ identity and access management capabilities, and implementing a big data platform.
“We’re moving out on the secret network rollout. So multiple different areas in terms of what’s the structure in terms of tactical edge and enterprise,” he said. “A new thing that I’ve been done to try to figure out to just unification of all the Marine Corps Community Services facilities related control services, industrial control systems and the SCADA networks, I’m bringing all that in so I can figure out the risk posture and do risk management across the entire terrain. What are our single points of failure? Because number one priority for the network is assured command and control in a crisis in conflict and in competition.”