The U.S. Department of Defense (DoD) has a zero-trust challenge. Simultaneously, the cyber threat landscape and offensive and defensive tactics are evolving with AI and ML advancements, including the ability for adversaries to use sophisticated algorithms to identify network and software vulnerabilities, predict patterns and exploit weaknesses. All of this makes a data-minded approach to improving security practices more essential than ever.
Using zero-trust security principles is a smart foundation for the DoD because it assumes no one is trusted by default, whether inside or outside an organization’s network, and requires strict identity authentication and continuous verification to maintain the security of critical assets and networks. However, the problem is that there isn’t a consistent approach to zero-trust training and implementation across agencies now. It’s difficult to implement with varying security needs, levels of tooling, training, and adoption in the armed services. The military must move from an isolated network management model to a more integrated approach to solve this challenge.
To help overcome these challenges, the DoD released a comprehensive 400-page Zero Trust Overlays guide, aiming to standardize the process for the first time. However, this voluminous guide will take time to implement, and the DoD doesn’t expect to reach full zero trust implementation until 2027. So, where do agencies begin and how do we improve training and jumpstart implementation now?
Adversaries are using AI and ML technologies to enhance cyberattacks, making them more sophisticated and harder to detect. For example, AI-driven attacks can adapt and evolve in real time, helping threat actors change their techniques faster than Defensive Cyber Operations (DCO) can counter. AI and ML also help automate and scale these efforts, creating more believable and larger-scale phishing campaigns and sophisticated malware distribution. All these tactics pose a substantial risk to government agencies with insufficiently protected digital assets and connected devices.
These technologies can also exploit cloud, network and device vulnerabilities. Using AI and ML to analyze vast amounts of data, attackers can identify and target weaknesses with pinpoint accuracy. They may also be able to poison underlying AI language models to create false alerts and unwanted actions from defensive tools.
To counter these techniques, the military also uses AI and ML in defensive measures to augment key cybersecurity actions, such as detecting anomalies, generating alerts and responding to incidents. AI-driven systems can also analyze network traffic and user behavior patterns to identify potential threats faster than humans alone. At the same time, ML algorithms are enhancing security information and event management (SIEM) systems and security orchestration, automation and response (SOAR) tools to make them more effective at managing and mitigating inbound threats.
However, the effectiveness of the military’s cyber defenses still heavily relies on having effective training and an understanding of the underlying technology. Cybersecurity professionals must be able to interpret AI-driven insights and make informed decisions based on them.
Zero-trust architecture is increasingly seen as a solution to the challenges posed by AI and ML. Initial training must focus on standardizing basic technologies – including secure web gateways, zero-trust network access solutions, identity and access management, multi-factor authentication, device certification and biometrics, among others – and developing a common understanding of zero-trust principles. This foundation will support more advanced security measures as the DoD moves towards full implementation at scale.
As the next step, zero-trust training must build an integrated data-centric mindset rather than solely focusing on specific security tools or technologies. Emphasizing the importance of understanding and managing data elements such as authentication logs and connected device health will provide a more robust foundation for zero-trust implementation. This will not only protect data, but also create a standard approach that includes additional sensors to identify potential misconfigurations, leaks or malicious activity.
Training should be an organization-wide awareness effort to build security and privacy literacy, educating all employees on the importance of a zero-trust approach to protect DoD information, systems, networks and personnel. From there, organizations can focus on more specific managerial and role-based training for system developers. Documenting these training programs will help build institutional knowledge on how to continually provide the security, privacy and control functions needed to maintain a zero-trust environment.
Remember, while every DoD agency’s mission and job functions may vary, there still needs to be a standard that each mission must achieve to secure the baseline across the department. This also makes collaboration with the private sector, like the CISA Joint Cyber Defense Collaborative (JCDC) for threat intelligence and expertise sharing, very beneficial when creating zero-trust models. Engaging with industry leaders will help ensure that security policies and training programs reflect the latest threat advancements and security best practices. This collaboration will also support a more agile and informed cybersecurity approach, enabling the military to better manage the challenges of AI and ML.
The weaponization of AI and ML has further complicated the digital battlefield, presenting significant challenges and opportunities. As adversaries exploit these technologies to enhance their offensive capabilities, the military must harness AI and ML defensively while maintaining zero-trust principles. By taking a proactive and unified approach to zero-trust training and adoption, the U.S. armed forces can stay ahead of evolving threats and build a more secure defense for the future.