IIG - Operationalizing Zero Trust at Scale

Original broadcast 6/4/23

Presented by Carahsoft

David Voelker, Zero Trust Architecture Lead for the U.S. Navy, brings a pragmatic and collaborative approach to implementing Zero Trust across naval systems. Rather than leaving programs to shoulder the burden alone, Voelker emphasizes building partnerships among cybersecurity service providers, identity management teams, and program stakeholders to share responsibilities and accelerate progress.

At the center of Voelker’s current strategy are two critical pillars of Zero Trust: micro-segmentation and user and entity behavioral analytics. Micro-segmentation ensures that network access is restricted and monitored based on role and need, reducing the blast radius of any potential intrusion. Meanwhile, behavioral analytics help detect anomalous behavior across the environment, making it easier to identify internal threats and advanced persistent attacks.

Voelker highlights that one of the Navy’s most effective tools is a metrics-driven system that tracks how each program is progressing toward the FY 2027 Zero Trust mandate. This readiness assessment evaluates how many requirements have been met, which ones are inherited through shared services, and which are still outstanding. It’s a realistic, transparent approach that allows leaders to forecast potential risks and course-correct before deadlines are missed.

But Voelker also acknowledges that integrating these capabilities into legacy systems is no small task. Many platforms supporting warfighters have been operational for decades, and modernizing them without disrupting mission delivery requires thoughtful planning and tight coordination. That’s why the Navy encourages programs to lean on established identity services and cybersecurity infrastructure rather than starting from scratch.

He also calls on industry partners to play a bigger role in filling capability gaps. When internal resources are insufficient to meet a particular requirement, the Navy looks to the Defense Industrial Base to co-develop prototypes and integrate technologies into production environments. This partnership model ensures that new tools are not only compliant but truly operational in the Navy’s unique context.

One of the most important messages Voelker offers is that Zero Trust isn’t just about checklists—it’s about outcomes. The goal is not to achieve compliance, but to build secure, adaptive systems that can withstand modern threats while supporting agile mission operations.

By focusing on interoperability, partnership, and results-driven assessments, Voelker is leading an approach that ensures the Navy’s Zero Trust journey is as efficient as it is effective.

Key Takeaways:

• Micro-segmentation and behavioral analytics are central to Navy’s Zero Trust strategy.

• Readiness tracking and shared services reduce duplication and accelerate compliance.

• Industry partnerships play a key role in delivering operational Zero Trust capabilities.

This interview was recorded on location at TechNet Cyber 2025 and included as part of the TV show Innovation in Government from TechNet Cyber.