The Defense Information Systems Agency’s (DISA) Thunderdome zero trust project, along with associated identity, credential, and access management (ICAM) efforts, is currently in the process of standing up capabilities in a lab setting before testing it in fielded networks and eventually doing an operational assessment this fall.
That was the word at AFCEA International’s TechNet Cyber event this week from Director of the Cybersecurity and Analytics Directorate at DISA, Dr. Brian Hermann.
“We’re going to test it at the Pentagon, we’re going to test it at Fort Meade, and we’re looking at another location—maybe another collaboration with a different service as part of that as well,” Hermann said during the event. “But the goal is to do an operational assessment and then an operational test of the capability this fall and be able to make a production decision at the end of the year timeframe.”
The Thunderdome project is DISA’s new acquisition activity and prototype effort that is key to zero trust security and network architecture for the agency.
“I want to make it clear that what we’re doing with Thunderdome is a stepping stone for zero trust but it also relies … on other parts and other initiatives within the department cybersecurity architecture,” Brandon Iske, DISA’s chief engineer for security enablers, said in February.
Hermann echoed this sentiment during the TechNet event by emphasizing the importance of interoperability in making zero trust work within the organization and governmentwide.
“I believe that that if people take that perspective of trying to achieve key interoperability goals of the capabilities that we’re putting in place, we will be better off,” Hermann said.
“A goal of Thunderdome is to is to make sure that we can determine where we need to have the same solutions as the services if there is no interoperability, and where we can accept variances or different solutions in certain aspects of zero trust,” Hermann added.
