- PwC Urges Boards to Give CISOs a Seat at the Table
- Want an entire tech repair shop of tools in a single messenger bag? iFixit can fix that
- 블로그 | 'AI 바디캠'이 확산하면 어떤 일이 벌어질까?
- Networks of collaborative AI agents will transform how we work, says this expert
- Data Security Best Practices for Cloud CRM Systems as Adoption Surges
CISA Updates Zero Trust Maturity Model With Public Feedback
The US Cybersecurity and Infrastructure Security Agency (CISA) published the second version of its Zero Trust Maturity Model on Tuesday, which incorporates recommendations from a public comment period.
The updated guidelines aim to further the federal government’s progress toward a zero trust approach to cybersecurity in support of the new National Cybersecurity Strategy.
Read more on the strategy here: White House Launches National Cybersecurity Strategy
Writing in a blog post, CISA explained that while the Zero Trust Maturity Model is primarily intended for federal agencies, other organizations should also review the guidance to advance their progress toward a zero trust model.
“CISA has been acutely focused on guiding agencies, who are at various points in their journey, as they implement zero trust architecture,” explained Chris Butera, technical director for cybersecurity at CISA.
“As one of many roadmaps, the updated model will lead agencies through a methodical process and transition towards greater zero trust maturity. While applicable to federal civilian agencies, all organizations will find this model beneficial to review and use to implement their own architecture.”
The new model introduces an additional maturity stage called “initial” to the four stages of its predecessor: traditional, initial, advanced and optimal. The initial maturity stage is designed as a guide to identifying maturity for each of the five pillars of the Zero Trust Maturity Model: identity, devices, network, data, and applications and workloads.
The Zero Trust Maturity Model Version 2 also provides gradual implementation guidelines across the five pillars to facilitate implementation, enabling agencies to make incremental advancements toward the optimization of zero trust architectures.
The new model comes weeks after CISA unveiled its ransomware vulnerability warning program.