The Defense Department’s (DoD) Office of the Chief Information Officer (CIO) has formally integrated the Zero Trust Portfolio Management Office (ZT PfMO) into the DoD enterprise and established a new leadership role – the chief zero trust officer – according to a July 17 directive issued by Acting DoD CIO Katie Arrington.
The directive-type memo (DTM) took effect July 17 and will be converted into a DOD instruction. This DTM will expire effective July 17, 2026.
The ZT PfMO is not a new entity, but DoD officials clarified that it makes up the department’s newest push to reach its 2027 zero trust goal.
“It formally documents the Zero Trust Portfolio Management Office and the position of Chief ZT Officer. It is not a new office and is already making every effort to accelerate the adoption of Zero Trust across the DoD,” David McKeown, performing the duties of deputy CIO for cybersecurity, explained in a statement to MeriTalk.
“The DTM will further facilitate the ZT PfMO’s ability to normalize ZT cybersecurity within the DoDIN and beyond,” said Randy Resnick, senior advisor at the Zero Trust Portfolio Management Office, who praised the move as a step in the right direction.
According to the memorandum, the ZT PfMO coordinates, synchronizes, and drives the department’s shift to a zero trust cybersecurity architecture. The office is responsible for modernizing DoD’s cyber defenses to prevent malicious actors from compromising sensitive data and mission-critical systems.
“DoD CIO and the ZT PfMO team have worked incredibly hard over the last 3 years laying the foundation of Zero Trust throughout DoD. We have been able to demonstrate what many thought impossible – to prove that Target level ZT (and even Advanced level ZT) can be achieved,” Resnick said.
In addition to institutionalizing the ZT PfMO within the DoD enterprise, the memorandum establishes the role of chief zero trust officer. This role carries responsibility for publishing the DoD Zero Trust Strategy, setting strategic milestones, and ensuring that zero trust-related budgets align with the department’s security priorities.
The officer will also monitor budget decisions that could affect zero trust initiatives across the department and provide support to senior decision-making bodies such as the DoD Cyber Council and the DoD Zero Trust Executive Committee.