Software Defined Perimeter

  • 1.  Federal Zero Trust Strategy

    Posted Sep 07, 2021 11:44:00 AM
    You can find the draft document here as well as instructions for providing comment, which are due Sept 21. Anyone can comment, but a coordinated comment from CSA will carry more weight.

    https://zerotrust.cyber.gov/federal-zero-trust-strategy/

    ------------------------------
    Jim Reavis CCSK
    Cloud Security Alliance
    Bellingham WA
    ------------------------------


  • 2.  RE: Federal Zero Trust Strategy

    Posted Sep 07, 2021 06:06:00 PM
    Edited by Jason Garbis Sep 07, 2021 06:12:13 PM
    Jim, thanks for posting this link - there are actually three Federal Zero Trust documents open for comment starting today

    1. The Zero Trust Strategy doc you linked to - https://zerotrust.cyber.gov/federal-zero-trust-strategy/ - open for comment until Sept 21
    2. The CISA Zero Trust Maturity Model - which is open for comment until October 1 - Zero Trust Maturity Model

    3.  The CISA Cloud Security Technical Reference Architecture  - also open for commentary until October 1 - Cloud Security Technical Reference Architecture


    Given the short timelines on these for commentary, we will be using tomorrow's SDP Zero Trust Working Group session to kick off our plan for coordinating a response from the group.
    For those who want to attend, it's Weds Sept 8 at 4pm ET / 1pm PT: https://cloudsecurityalliance.zoom.us/j/96196813975?pwd=cGxDdndDbW5vVU5MZ0hyeHpSbXMydz09

    ------------------------------
    Jason Garbis, CISSP
    Co-Chair, SDP Zero Trust Working Group
    CPO, Appgate
    ------------------------------



  • 3.  RE: Federal Zero Trust Strategy

    Posted Sep 08, 2021 01:20:00 AM
    Just a point on the meetings, these used to come out as a calendar invite but believe were cancelled recently - would it be possible to get the series sent out again to avoid missing the slot?

    Thanks.

    ------------------------------
    Alistair Cockeram CISM, CISSP, CCSP, SCCP, MCIIS, MBCS
    Information Security Architect
    Financial Services
    ------------------------------



  • 4.  RE: Federal Zero Trust Strategy

    Posted Sep 09, 2021 12:37:00 PM

    Jim et al,

    SDP and ZT WG leadership decided to draft a consolidated response on the Federal ZT Strategy documents. 

    As per yesterday's SDP meeting, here are the URLs for our workspaces:  

    1) Moving the U.S. Government Towards Zero Trust Cybersecurity Principles
    https://docs.google.com/document/d/1QK75g5rxLpZeyCDdmX0-db6lR34BWU0vbYcDoJ_UUDA/edit

     

     

    2) ZT Maturity Model

    https://docs.google.com/document/d/1uvO217TmV5xy8kp8em9l0gSSvGFmh5dmupXaTxH72m8/edit

     

     

    3) CISA Cloud Security Technical Reference Architecture_Version 1

    https://docs.google.com/document/d/1o7UvWlA-YfhwOg454r9JMO0CUunur3deAra5-QMHfUU/edit

     

    Thanks and best,

    Shamun



    ------------------------------
    Shamun Mahmud
    Standards Officer, Sr. Research Analyst
    Cloud Security Alliance
    WA
    ------------------------------