Multidomain Architecture Strategic Definitions: Part One of Multidomain Architectures, the IT Manhattan Project, and Delivering the “Real” Zero Trust

March 23, 2022

Federal IT environments
“Belonging to the essential nature of a thing; originating and included wholly within an organ or part.” That is the definition of “Intrinsic.” When we were developing the “IT Manhattan Project” framework, we were doing so in direct response to some of the most significant hacks in U.S. Federal history, which piled on to the already unprecedented push to expedite the modernizing of federal IT because of the COVID-19 response. The COVID-19 response shifted the way that the U.S. federal government operated, where our workforce worked from, the immediate need for mobile ‘available from anywhere’ workloads, and how to both secure and support that new way of doing federal business. A new, vigorous push towards rapidly modernizing federal IT environments was underway. Ultimately, it laid the groundwork for producing transformational federal memos and oversight by way of some of the following:

  • Executive Order 14028: “Improving The Nation’s Cybersecurity”
  • M-22-09: OMB’s Zero Trust Strategy
  • NIST 800-53rev5: Fulfilling an expedited realization of the overall intent of NIST 800-53r5 through the emphasis on things like conditional access, TIC 3.0 frameworks, Secure Orchestration/Automation/Remediation, and modernized, agile approaches to secure micro-segmentation from Hybrid Environments up to Federal Cloud instances

Overall mandates like these carry with them a consistent anthem driving at rapid IT modernization with rigorous proof of performance schedules attached. Piling on top of those Herculean efforts, the urgency was drastically increased by several of the highest profile cyber compromises in U.S. federal history. Rapid modernization had to happen right away. The time for IT transformation was here, backed by promises of significant funding and a high level of political visibility.


The Shift to Zero Trust

At their core, Zero Trust architectures are expected to provide a centralized policy structure that dictates how every individual flow in our IT environments is permitted to talk. No user, host, or flow is permitted without being subjected to rigorous authentication and authorization policy. This shifts our previous understanding of North-South and East-West traffic and how we police it. The foundational intent of Zero Trust architectures centers on applying unified policy to every transaction that occurs between enterprise resources, and doing so in ways that are agnostic to the IT silo they reside in.

“Zero Trust assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location.”

NIST 800-207 aptly

They go on to explain that the scope of this posture includes all assets, workflows, network accounts, and the like. In summary: police everything, abstract production traffic intent from the underlying infrastructure that supports it, and institute a unified security posture to execute the policing at every network entry point, regardless of the domain. We all know that this is a tectonic but much-needed shift in our industry. I’d go so far as to say that the successful instantiation of this approach across Federal IT environments is critical to our national security going forward.
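The unified, domain-agnostic policing described above can be sketched as one policy decision function fed by per-domain adapters. This is an added example, not code from the article or the framework it describes; the record field names, group names, resources, and rule set are all constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class AccessRequest:
    """Domain-neutral description of one flow (hypothetical schema)."""
    domain: str
    subject: str
    authenticated: bool
    groups: frozenset
    device_compliant: bool
    resource: str
    action: str
    src_ip: str  # kept for the audit trail only; decide() never reads it


@dataclass(frozen=True)
class Rule:
    group: str
    resource: str
    actions: frozenset


# One central policy, written once and applied to every domain (constructed).
POLICY = (
    Rule("hr-analysts", "hr-db", frozenset({"read"})),
    Rule("plant-operators", "plc-gateway", frozenset({"read", "write"})),
)


def decide(req, policy=POLICY):
    """Return (allowed, reason). Default deny; network location is not an input."""
    if not req.authenticated or not req.subject:
        return False, "deny: unauthenticated"
    if not req.device_compliant:
        return False, "deny: device posture"
    for rule in policy:
        if (rule.group in req.groups and rule.resource == req.resource
                and req.action in rule.actions):
            return True, "allow: " + rule.group
    return False, "deny: no matching rule"


# Per-domain adapters translate each domain's native record (field names are
# constructed) into the shared AccessRequest, so one policy covers all of them.
def from_remote_access(r):
    return AccessRequest("remote_access", r.get("user", ""), r.get("auth") == "mfa",
                         frozenset(r.get("groups", ())), r.get("posture") == "compliant",
                         r["dest"], r["op"], r.get("client_ip", ""))


def from_cloud(r):
    return AccessRequest("cloud", r.get("principal", ""), bool(r.get("token_valid")),
                         frozenset(r.get("roles", ())), bool(r.get("workload_attested")),
                         r["target"], r["verb"], r.get("source_ip", ""))


def from_data_center(r):
    return AccessRequest("data_center", r.get("identity", ""), bool(r.get("mtls_verified")),
                         frozenset(r.get("groups", ())), bool(r.get("host_compliant")),
                         r["service"], r["method"], r.get("src", ""))


ADAPTERS = {"remote_access": from_remote_access, "cloud": from_cloud,
            "data_center": from_data_center}


def evaluate(domain, record):
    """Normalize a domain-native record, then apply the single central policy."""
    adapter = ADAPTERS.get(domain)
    if adapter is None:
        return False, "deny: domain not integrated"
    try:
        req = adapter(record)
    except KeyError:
        return False, "deny: incomplete record"
    return decide(req)


if __name__ == "__main__":
    # Constructed flows: same user and resource seen in two domains, plus an
    # unauthenticated flow from an internal address.
    samples = [
        ("remote_access", {"user": "alice", "auth": "mfa", "groups": ["hr-analysts"],
                           "posture": "compliant", "dest": "hr-db", "op": "read",
                           "client_ip": "203.0.113.7"}),
        ("cloud", {"principal": "alice", "token_valid": True, "roles": ["hr-analysts"],
                   "workload_attested": True, "target": "hr-db", "verb": "read",
                   "source_ip": "198.51.100.4"}),
        ("data_center", {"identity": "", "mtls_verified": False, "service": "hr-db",
                         "method": "read", "src": "10.0.0.5"}),
    ]
    for domain, record in samples:
        print(domain, evaluate(domain, record))
```

The internal `10.0.0.5` flow is denied because it carries no verified identity, while the same authenticated user receives the same decision whether the request arrives through remote access or cloud.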

Management Complexities

Enterprise IT domains contain varied mixtures of OEM solutions and home-grown tools, and utilize a wide variety of protocols to intercommunicate that aren’t necessarily standardized. Each of these domains is normally managed by a separate IT team that specializes in maintaining that environment. In the federal landscape, these domains aren’t just managed by separate enterprise IT teams, but are commonly managed by different contractors. Therefore, IT security organizations have a difficult time achieving and maintaining the operational awareness required to enforce centralized policy. These cultural complexities, exacerbated by budgeting concerns, have created a fatalistic mentality when it comes to far-reaching mandates. This is where the tectonic shift in architectural and administrative approach is so necessary. This is where multidomain architectures shine.

Let’s define a common baseline of enterprise domains seen across traditional IT environments:

  • Cloud
  • Data Center
  • Enterprise Networking
  • Extended Enterprise (IoT, OT/ICS)
  • Remote Access

But to deliver a successful Zero Trust across the enterprise, it is first necessary to understand some foundational building blocks on which to construct our architectural approach:

  • We can’t have MULTIDOMAIN POLICY without first achieving fuller
  • We can’t deliver macro and micro-segmentation without first having robust MULTIDOMAIN
  • We can’t have multi-vendor MULTIDOMAIN Zero Trust POLICY without sensical INTEGRATIONS to stitch each enterprise domain together.

Let’s face it, enterprise IT environments don’t simply include infrastructure from a single manufacturer, or even a few key manufacturers. Rather, our enterprise IT environments are represented by a plethora of IT manufacturers specializing in different niches of IT and the domains they are commonly found in. These environments are managed by different Federal IT organizations, different contractors who support these Federal IT organizations, and many different teams that support each common IT silo. Those teams support oft-compartmentalized areas like Network Security Operations, Network Operations, Data Center Operations, Institutional Services, Wide Area Networking contracts, and Operational Technologies, with dotted lines to different leadership oversight like CIO Programs, CTO Architecture, the Cyber Security Office, and the audit oversight bodies that they are subjected to. Together, these make up a complex support structure that isn’t necessarily streamlined for efficiency.

Summary and Overarching Goals

In articles to follow, you’ll see us referencing the IT Manhattan Project framework several times. Though many details of the framework can’t be discussed due to their sensitivity, the foundational principles are relevant across the board when pursuing intrinsic multidomain Zero Trust.

  • Establish Visibility (Administration, Telemetry, Assurance)
  • Define Straightforward Policy Structure and Hierarchy (Auth Chains)
  • Perform Multidomain Integrations (API Integrations)
  • Deploy Software-Defined Framework (Day-0, Programmable Fabrics, Multi-OEM Fabric Integrations)
  • Establish Sensical Automation Runbooks (Day-2 Operations)

We will also explore some areas that deliver unexpected value to the agency business in immediate ways. All of this will help create a cohesive story that helps CIOs, CISOs, and enterprise architects alike communicate the criticality of this multidomain Zero Trust approach to agency leaders across the federal spectrum.
