Rethinking Zero Trust in the Age of Digital Warfare | Tech Radar

Overview

News, deals, reviews, guides and more on the newest smartphones

News, deals, reviews, guides and more on the newest computing gadgets

Details

Start exploring exclusive deals, expert advice and more

Unlock and manage exclusive Techradar member rewards.

Rethinking Zero Trust in the Age of Digital Warfare

Why defense agencies must go beyond Zero Trust to share intelligence at mission speed

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Unlock instant access to exclusive member features.

Get full access to premium articles, exclusive features and a growing list of member rewards.

For over 16 years, the Zero Trust cybersecurity model has upheld the principle of “never trust, always verify” and has become the universal standard across government and defense organizations.

But Zero Trust Access wasn’t built with Cross Domain Transfer – secure, policy-enforced data transfer between networks with varying security classifications – in mind.

That’s an issue, as modern cyber warfare runs on speedy intelligence sharing, quick coalition tempo and data-driven decision advantage.

Data sovereignty creates an illusion of security: the real battle is software integrity

Proof over promises: a new doctrine for cybersecurity

Given this, it’s no surprise that more and more cyber leaders are recognizing that Zero Trust alone cannot secure operations that span multiple classification levels and allied nation environments.

A new strategic foundation to both enable and secure the flow of mission-critical information is taking shape.

In today’s high-octane international cyber battlespace, government and defense alliances such as NATO and operational initiatives such as the U. S. Combined Joint All-Domain Command and Control (CJADC2) are facing a complex problem.

As attack volumes increase, the ability to move data securely across domains and allies at mission speed for defense agencies to triage and respond becomes more crucial. At the same time, sharing and accessing sensitive data is a major operational risk for organizations at the frontlines of national security.

This conundrum requires more than Zero Trust Access to solve. Zero trust treats all network traffic as a potential breach and ensures that no users or systems are trusted by default. This suits securing IT infrastructure, but is less suited to data, especially when it comes to securing data that’s in transit.

Current conflicts demand fast, coalition-wide data sharing across multi-domain environments, such as land, cyber and cloud computing, in near real-time. In these environments, latency is not an inconvenience; it is an operational vulnerability that a sole reliance on Zero Trust opens the door to.

When weighing up how a sole reliance on Zero Trust causes problems, we need to consider wider factors that could contribute to a disastrous cyber security breach or lapse of cyber defenses. Without specialist mechanisms for data security and secure data exchange, national security agencies face a quiet, compounding erosion of operational tempo.

Data sovereignty: an existential issue for nations and enterprises

Data sovereignty: not just an issue for governments

Beyond the spike: building resilient and trusted infrastructure in an era of sustained attacks

Data can’t move at mission speed, decision latency is the norm and intelligence gets stuck at classification boundaries awaiting manual transfer.

This can be seen as an internal friction for security agencies, but that risks downplaying how modern cyber warfare works in practice. Defense initiatives are predicated on the assumption that partners can share intelligence securely and at pace.

An organization that hasn't solved cross-domain data flow doesn't just put its own mission at risk; it degrades the collective tempo and trust of the entire coalition.

Shared identity frameworks and federated access policies across systems and partners alike have to be part of the solution. In a recent Everfox study, 64% of security leaders said they believe that secure data movement is the greatest barrier to achieving effective Zero Trust strategies.

In other words, Zero Trust environments struggle not because verification is unnecessary, but because verification alone does not solve cross-domain data orchestration. And when Zero Trust is implemented in isolation, it makes it harder to share data securely and collaborate.

To be battle-ready, national security organizations need to adopt a cohesive architecture that remedies these problems with data sharing at mission-speed and across multiple domains, partners and classification levels.

The solution is a data-centric model which applies security controls directly to data itself. This isn’t hypothetical. The aforementioned study found that nine in ten have adopted or are in the process of implementing a data-centric security approach.

What does this look like in practice? It entails integrating three frameworks: Zero Trust Architecture (ZTA), Data Centric Security (DCS) and Cross Domain Solutions (CDS). Each framework brings a key strength: ZTA provides continuous verification (the need for which is never going away), DCS applies security controls to data so intelligence can move securely across networks despite any variation in classification or trust level and CDS facilitates secure data exchange without compromising speed.

Together, this integrated architecture shifts security from static perimeter enforcement to dynamic, policy-driven data mobility, laying the groundwork and equipping organizations with the foundational tools for navigating the digital battlespace.

When deployed in concert, these frameworks shorten decision cycles and accelerate information exchange without diluting governance controls.

Zero Trust is an essential principle in government and defense organizations, but it often falls short in sharing data at mission speed. In modern conflict, battles are increasingly fought through digital networks where data is the decisive asset.

Navigating the digital battlespace requires the seamless movement of secure information across domains, and a sole reliance on Zero Trust doesn’t help to hit that requirement.

By complementing Zero Trust principles with DCS and CDS, national security organizations can usher in a new era of data-centric security based on the agility that modern mission success demands.

You must confirm your public display name before commenting

1I thought the LG Gram Book could be the perfect sensibly-priced laptop for work or school - and boy, I was wrong

2A 90-year-old audio brand just put out its most affordable speakers yet — and the specs look very tasty indeed

3I asked Chat GPT how to feel less exhausted — what it said wasn’t new, but it worked

4 Smartphones in space — the Artemis II crew are throwing an i Phone around in zero gravity

5 Cloudflare launches Em Dash — the 'spiritual successor' that wants to take on Word Press

Tech Radar is part of Future US Inc, an international media group and leading digital publisher. Visit our corporate site.