Innovating Zero Trust for the Government Sector
by MNJR | July 09, 2023 | Category: Press
We wrote in March that Diode was honored to be selected as the emerging Zero Trust communications company to participate in the Defensive Cyber Operations (DCO) for Space cohort program, held at the Catalyst Campus for Technology and Innovation (CCTI) in Colorado Springs, CO. The Catalyst program is a partnership between the Air Force Research Laboratory (AFRL) and CCTI, and its objective is to integrate nontraditional tech companies into the national security ecosystem.
Hans and Eric from Diode attended the program and interacted with civilian and defense professionals who are working daily to deepen the defensive cyber posture of the United States Space Force. Here were some of our takeaways for how the Government Sector is engaging Zero Trust innovations:
1 - Zero Trust is driving investment
Checkpoint research released a report showing that cyberattacks rose over 22% year-on-year by the close of 2022. Due to these rising threats, both civilian and defense government agencies have roadmaps to implement Zero Trust, with deadlines ranging from 2024 through 2027.
As a result of the drive-to-adoption, “Zero Trust” has become a buzz word, with all the good and bad that accompanies it. For example, statements like “Zero Trust is an approach, not a product”, while true from a certain perspective, are thrown around by firms seeking to provide consulting services to entities trying to sort out how to succeed in a Zero Trust world. No less than three organizations we talked to mentioned their involvement in creating DISA’s Zero Trust reference architecture (and we can imagine perhaps more than that were actually involved!).
Whatever the actual end state, it is clear that a Zero Trust revolution is in the making, and that significant effort, changes, and capabilities will be required to see it succeed.
2 - Zero Trust benefits BOTH external security AND internal operations
As we spoke to officers in the USSF’s Delta 6, collaborated with the Guardians, heard from the “Primes”, and strategized with leadership, it became apparent the need for enhanced DCO capabilities were great. It was satisfying to see how Zero Trust communications could effectively address identified security needs for which no other practical solution exists. However, the needs were not limited to external security imperatives - the needs also encompassed more internal topics such as training, collaboration between DCO and operational teams, collaboration with vendor/contractor teams, informing the right influencers, securing the necessary prioritization, and achieving certifications.
As we dug in, because of the non-technical challenges, we were able to observe how Zero Trust’s ability to simplify digital security internally was nearly as powerful as its ability to secure digital operations externally. We also found that Diode’s ability to rapidly provision Zero Trust infrastructure on-premise, in remote operating theaters, and in the cloud was unique, and can make Zero Trust accessible for even the most demanding customer.
3 - Partnerships expand opportunities
Supplying commercial technology to government buyers is a multi-faceted effort. Despite the desire for collaboration on both sides, and perhaps due to it, there are a myriad of acronyms, systems, accounts, formats, roles, and programs related to helping commercial businesses supply technologies and services to the government. We found the partnerships with the CCTI team and the over 100 other partners we met during the program to each deepen Diode’s ability to engage with government opportunities.
In addition, we found the following engagement “windows” to be actionable:
-
The tried-and-true SBIR program. While a smaller Phase I program can be helpful in “finding the customer”, if you have connections to interested buyers, it can be easier for commercially deployed companies to go the “Direct to Phase II” approach. Not all SBIR programs are created equal - each will have its own requirements, so read the fine print!
-
“Other Transaction Authority” entities. Programs like the Defense Innovation Unit and Trade Wind have identified that the SBIR program can be too slow and that the FAR/DFAR regulatory approach can be too burdensome. To make collaboration more impactful, these entities have aligned funded contract vehicles behind directly engaging with existing commercial capabilities.
-
Primes and existing contractors. Certain government contractors already have funded contracts and need technologies to fulfill the contractual requirements. While it can be challenging to find the right partner who can have an open goal-oriented conversation, this can provide a short time to engagement if a partner with the right culture and incentives is identified.
Some of the funnest interactions were with other companies selected for the program who were also solving hard DCO challenges in their respective areas of focus. Many of these collaborated openly as each of us made new discoveries on customer needs and funded opportunities. Diode has partnered with some of these to provide leading cyber security solutions to both government and commercial customers.
Connect with us to explore
If you are interested collaborating with Diode on innovating Zero Trust for the government sector, or perhaps interested in more details around the Catalyst program, please feel free to Contact Us.