Modernizing the Guard’s IT and Zero Trust Journey

Original broadcast 10/7/25

Presented by Carahsoft

The National Guard occupies a unique position in America’s defense and homeland security architecture. Spread across 54 states and territories and composed of both Army and Air Guard components, it faces a complex set of challenges in managing information technology, ensuring cybersecurity, and maintaining operational readiness. At the AFCEA and INSA Intelligence and National Security Summit, Kenneth McNeill, Chief Information Officer of the National Guard Bureau, explained how the Guard is modernizing its IT capabilities and advancing toward a zero trust future.

McNeill began by underscoring the sheer scale of the Guard’s footprint. “We are responsible for 54 states and territories and the District of Columbia,” he said. “That footprint gives adversaries a lot of shots to get into the defense network.” Securing such a broad and diverse enterprise requires not only technology but also innovation, collaboration, and adaptability.

One of the most striking examples of innovation has been the Guard’s embrace of Bring Your Own Device (BYOD). A few years ago, McNeill’s team recognized that 93 percent of Guardsmen and women did not have government-furnished mobile devices. Without secure access to communications, email, and collaboration tools, they often resorted to personal devices in ways that were not secure. To solve this problem, the Guard pioneered a BYOD solution that allows personnel to use their personal phones to access official applications in a secure environment.

The impact was transformative. With BYOD, soldiers and airmen gained access to email, Teams, and other critical resources without requiring a government-issued phone. “It’s been a game changer,” McNeill said. What began as a solution to a Guard-specific challenge soon caught the attention of the wider Department of Defense. Today, the DoD CIO and other service CIOs are adopting similar approaches, extending the benefits across the enterprise. “This is not your grandfather’s National Guard,” McNeill observed. “We’re bringing technology in and sharing it across the department.”

But modernizing access is only one part of the challenge. Retaining cyber talent is another. Many Guard members bring civilian-acquired IT and cybersecurity skills that are highly valuable, not just to the Guard but to the entire Department of Defense. McNeill explained that leveraging and retaining those skills is a priority. “We are uniquely gifted with personnel who bring critical capabilities from their civilian careers,” he said. The question is how to ensure those individuals continue to contribute in ways that benefit both the Guard and the broader DoD cyber mission.

Collaboration across the department is central to the Guard’s IT strategy. McNeill described regular engagement with the DoD CIO office and with service-level CIOs in the Army and Air Force. These relationships help ensure that innovations developed by the Guard are shared widely, and that the Guard benefits from best practices emerging elsewhere in the department. Weekly and even twice-weekly coordination sessions ensure alignment and information exchange.

The Guard’s modernization efforts are also shaped by its homeland mission. Unlike active-duty forces, the Guard plays a central role in responding to domestic crises, from natural disasters to cyber incidents. That mission demands agile, reliable IT systems that can function in dispersed and unpredictable environments. Industry partnerships have been especially important in meeting these needs, enabling the Guard to quickly adopt technologies that might otherwise take years to deploy.

At the heart of McNeill’s strategy is zero trust. While the Army and Air Force are pursuing their own service-specific zero trust implementations, McNeill emphasized that the Guard has taken the unusual step of developing an enterprise-level zero trust plan for the entire National Guard Bureau. “Most people say, ‘why are you doing zero trust? The Army will do theirs, and the Air Force will do theirs.’ But we wanted an enterprise zero trust strategy to make sure we’re protecting the DODIN at every level,” he said.

The Guard is working closely with the DoD CIO office to align its zero trust roadmap with department-wide initiatives. McNeill expressed confidence that the Guard will meet its zero trust implementation timeline, thanks in part to the strong collaboration between his staff and senior DoD leaders. For him, zero trust is not just about compliance with federal mandates but about ensuring that every Guardsman and woman, whether on mission or preparing to mobilize, operates in a secure digital environment.

The innovations McNeill described—the BYOD program, the enterprise zero trust plan, the retention of civilian cyber skills—illustrate how the Guard is rethinking its IT posture in light of modern challenges. What began as responses to specific problems have become models for the wider department. In this way, the Guard is demonstrating that its unique structure can be an asset, not a liability, in driving innovation.

The Guard’s modernization journey reflects a broader shift across the defense community: security is no longer about building walls around networks but about embedding trust at every layer. For McNeill and his team, that means building systems that are secure, resilient, and adaptable, regardless of where or how Guardsmen serve.

Key Takeaways

• The National Guard pioneered a BYOD program that has transformed access to secure IT and influenced adoption across the Department of Defense.

• Retaining and leveraging the Guard’s civilian-acquired cyber skills is essential for both Guard and DoD readiness.

• The Guard’s enterprise-level zero trust plan ensures protection of the DODIN and sets a model for other services.