PNNL

Abstract

The research focuses on the critical need for enhanced cybersecurity within the Countering Weapons of Mass Destruction (CWMD) Office, specifically targeting Chemical, Biological, Radiological, and Nuclear devices. Traditional perimeter-based security models are insufficient against modern cyber threats, prompting a shift toward Zero Trust principles (ZTP) that emphasize continuous verification and stringent security for all devices. Federal directives mandate the adoption of Zero Trust (ZT) across agencies, supported by guidelines from National Institute of Standards and Technology (NIST), U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA), U.S. Department of Defense (DoD) and National Security Agency (NSA). The research involved mapping ZT guidance from these agencies to develop tailored CWMD ZTP. The study identified gaps and areas for improvement, including clear transitional guidance from traditional to ZT architectures and the focus on explicit cross cutting capabilities. Design improvements are recommended to ensure increased comprehensive protection and resilience against sophisticated cyber threats for Chemical, Biological, Radiological, and Nuclear (CBRN) devices. Collaborative efforts among federal agencies are essential for the successful deployment of an optimized ZT guidance.