Zero Trust is one of the most widely talked about cybersecurity trends today. The world of cybersecurity has come to the conclusion that the traditional security models are insufficient. ZT is a strategy to design to prevent data breaches and stop data exfiltration.
Zero Trust is one of the most widely talked about cybersecurity trends today. The world of cybersecurity has come to the conclusion that the traditional security models are insufficient and a Zero Trust approach, which operates on the principle of 'never trust, always verify' is a reliable and robust way to conquer the current threats. CSA's mission is to create research, training,professional credentialing and provide an online center for additional curatedZero Trust resources. These tools will enable enterprises to understand and implementZero Trust principles into business planning, enterprise architectures andtechnology deployments. With the release of the Certificate of Competence in Zero Trust (CCZT),based on CSA’s Zero Trust Training (ZTT), CSA delivers the firstauthoritative, vendor-neutral Zero Trust training and certificate that providesthe knowledge needed to understand the core concepts of Zero Trust. Furtherdetails on ZeroTrust Advancement Center | CSA (cloudsecurityalliance.org)
Based on a formulated ZT strategy, ZT is then also considered to be a conceptual way on a tactical level. It is of importance to understand, that tactical measures are not a part of a strategy. Strategy and primarily so called Grand Strategy is the ultimate goal of an organization to achieve and shall remain the same, the Tactics on the other hand shall be defined based on Architectures and Technologies and are considered to be dynamic, will change and get better over time. Strategy, Tactics and Operations need to work together accordingly to execute Zero Trust successfully.
ZT is based on exactly nine things to do and should therefore not be overcomplicated.
Note:
*Data breaches are defined in context of a data exfiltration, not as a successful attacker infiltration.
- ZT is not a product
- ZT is not an identity
- ZT does not mean making the system trusted
View further details on ZT Misconceptions
The Godfather of Zero Trust, Mr. John Kindervag, said on several encounters:
"Trust is a human emotion" - Link: Zero-Trust-Dictionary-EN.pdf (on2it.net)
"People are not packets" - Link: 240411_John_Kindervag_Win_The_Cyberwar_With_Zero_Trust.pdf(sig-switzerland.ch)
We are pleased to share some highlights from our most recent event.
#CCZT is a new and currently the only certification for #ZeroTrust from the #CloudSecurityAlliance (CSA) on the market (as far as I know). Are you considering the #CCZT #Certification?
Once upon a time, in the heart of the Whispering Woods, there was a magical forest teeming with life, where a fairy named Zee and a dwarf named Ooh lived. Zee and Ooh were friends, even though they were quite different. Zee, the clever and sprightly fairy, had always been full of ideas and mischief, always on the move, learning and exploring. Ooh, the sturdy dwarf builder, was grounded and methodical and preferred a quiet life, building things.
Zero Trust is one of the most widely talked about cybersecurity trends today. The world of cybersecurity has come to the conclusion that the traditional security models are insufficient. ZT is a strategy to design to prevent data breaches and stop data exfiltration.