Updated Pentagon zero trust strategy release imminent

The U.S. Defense Department was noted by its Zero Trust Portfolio Management Office Senior Advisor Randy Resnick to be preparing to release Zero Trust Strategy 2.0 around March 2026, updating its cybersecurity framework to cover systems beyond IT, including weapons, operational technology, internet-of-things devices, and defense critical infrastructure, DefenseScoop reports.

The new strategy will expand on the Defense Department's original zero-trust roadmap from 2022, which focused on implementing updated security controls across IT systems. Zero trust operates on the principle that networks and systems may already be compromised, requiring continuous authentication and monitoring of users and devices.

For IT systems, the department set 91 target-level outcomes to meet by fiscal 2027 and 61 advanced-level outcomes by fiscal 2032. Operational technology has 84 target-level outcomes and 21 advanced-level outcomes, with deadlines in fiscal 2030 and 2033, respectively. Resnick said the Pentagon is confident lessons from IT security will help speed up zero-trust adoption in other areas.

"Congress wants us to go faster, everybody wants us to go fasterand so we are marking these deadlines as lines in the sand and we're going to hold people accountable, including the support system in DODto fund and support this," he said.