Software Defined Perimeter

You can find the draft document here as well as instructions for providing comment, which are due Sept 21. Anyone can comment, but a coordinated comment from CSA will carry more weight.

https://zerotrust.cyber.gov/federal-zero-trust-strategy/

------------------------------
Jim Reavis CCSK
Cloud Security Alliance
Bellingham WA
------------------------------

Jim, thanks for posting this link - there are actually three Federal Zero Trust documents open for comment starting today

1. The Zero Trust Strategy doc you linked to - https://zerotrust.cyber.gov/federal-zero-trust-strategy/ - open for comment until Sept 21
2. The CISA Zero Trust Maturity Model - which is open for comment until October 1 - Zero Trust Maturity Model

3.  The CISA Cloud Security Technical Reference Architecture  - also open for commentary until October 1 - Cloud Security Technical Reference Architecture


Given the short timelines on these for commentary, we will be using tomorrow's SDP Zero Trust Working Group session to kick off our plan for coordinating a response from the group. 
For those who want to attend, it's Weds Sept 8 at 4pm ET / 1pm PT: https://cloudsecurityalliance.zoom.us/j/96196813975?pwd=cGxDdndDbW5vVU5MZ0hyeHpSbXMydz09

------------------------------
Jason Garbis, CISSP
Co-Chair, SDP Zero Trust Working Group
CPO, Appgate
------------------------------

Original Message:
Sent: Sep 07, 2021 11:43:30 AM
From: Jim Reavis
Subject: Federal Zero Trust Strategy

You can find the draft document here as well as instructions for providing comment, which are due Sept 21. Anyone can comment, but a coordinated comment from CSA will carry more weight.

https://zerotrust.cyber.gov/federal-zero-trust-strategy/

------------------------------
Jim Reavis CCSK
Cloud Security Alliance
Bellingham WA
------------------------------

Just a point on the meetings, these used to come out as a calendar invite but believe were cancelled recently - would it be possible to get the series sent out again to avoid missing the slot?

Thanks.

------------------------------
Alistair Cockeram CISM, CISSP, CCSP, SCCP, MCIIS, MBCS
Information Security Architect
Financial Services
------------------------------

Original Message:
Sent: Sep 07, 2021 06:05:47 PM
From: Jason Garbis
Subject: Federal Zero Trust Strategy

Jim, thanks for posting this link - there are actually three Federal Zero Trust documents open for comment starting today

1. The Zero Trust Strategy doc you linked to - https://zerotrust.cyber.gov/federal-zero-trust-strategy/ - open for comment until Sept 21
2. The CISA Zero Trust Maturity Model - which is open for comment until October 1 - Zero Trust Maturity Model

3.  The CISA Cloud Security Technical Reference Architecture  - also open for commentary until October 1 - Cloud Security Technical Reference Architecture


Given the short timelines on these for commentary, we will be using tomorrow's SDP Zero Trust Working Group session to kick off our plan for coordinating a response from the group.
For those who want to attend, it's Weds Sept 8 at 4pm ET / 1pm PT: https://cloudsecurityalliance.zoom.us/j/96196813975?pwd=cGxDdndDbW5vVU5MZ0hyeHpSbXMydz09

------------------------------
Jason Garbis, CISSP
Co-Chair, SDP Zero Trust Working Group
CPO, Appgate

Original Message:
Sent: Sep 07, 2021 11:43:30 AM
From: Jim Reavis
Subject: Federal Zero Trust Strategy

You can find the draft document here as well as instructions for providing comment, which are due Sept 21. Anyone can comment, but a coordinated comment from CSA will carry more weight.

https://zerotrust.cyber.gov/federal-zero-trust-strategy/

------------------------------
Jim Reavis CCSK
Cloud Security Alliance
Bellingham WA
------------------------------

Jim et al,

SDP and ZT WG leadership decided to draft a consolidated response on the Federal ZT Strategy documents. 

As per yesterday's SDP meeting, here are the URLs for our workspaces:  

1) Moving the U.S. Government Towards Zero Trust Cybersecurity Principles
https://docs.google.com/document/d/1QK75g5rxLpZeyCDdmX0-db6lR34BWU0vbYcDoJ_UUDA/edit

 

 

2) ZT Maturity Model

https://docs.google.com/document/d/1uvO217TmV5xy8kp8em9l0gSSvGFmh5dmupXaTxH72m8/edit

 

 

3) CISA Cloud Security Technical Reference Architecture_Version 1

https://docs.google.com/document/d/1o7UvWlA-YfhwOg454r9JMO0CUunur3deAra5-QMHfUU/edit

 

Thanks and best,

Shamun

------------------------------
Shamun Mahmud
Standards Officer, Sr. Research Analyst
Cloud Security Alliance
WA
------------------------------

Original Message:
Sent: Sep 07, 2021 06:05:47 PM
From: Jason Garbis
Subject: Federal Zero Trust Strategy

Jim, thanks for posting this link - there are actually three Federal Zero Trust documents open for comment starting today

1. The Zero Trust Strategy doc you linked to - https://zerotrust.cyber.gov/federal-zero-trust-strategy/ - open for comment until Sept 21
2. The CISA Zero Trust Maturity Model - which is open for comment until October 1 - Zero Trust Maturity Model

3.  The CISA Cloud Security Technical Reference Architecture  - also open for commentary until October 1 - Cloud Security Technical Reference Architecture


Given the short timelines on these for commentary, we will be using tomorrow's SDP Zero Trust Working Group session to kick off our plan for coordinating a response from the group.
For those who want to attend, it's Weds Sept 8 at 4pm ET / 1pm PT: https://cloudsecurityalliance.zoom.us/j/96196813975?pwd=cGxDdndDbW5vVU5MZ0hyeHpSbXMydz09

------------------------------
Jason Garbis, CISSP
Co-Chair, SDP Zero Trust Working Group
CPO, Appgate

Original Message:
Sent: Sep 07, 2021 11:43:30 AM
From: Jim Reavis
Subject: Federal Zero Trust Strategy

You can find the draft document here as well as instructions for providing comment, which are due Sept 21. Anyone can comment, but a coordinated comment from CSA will carry more weight.

https://zerotrust.cyber.gov/federal-zero-trust-strategy/

------------------------------
Jim Reavis CCSK
Cloud Security Alliance
Bellingham WA
------------------------------