Jim et al,
SDP and ZT WG leadership decided to draft a consolidated response on the Federal ZT Strategy documents.
As per yesterday's SDP meeting, here are the URLs for our workspaces:
1) Moving the U.S. Government Towards Zero Trust Cybersecurity Principles
https://docs.google.com/document/d/1QK75g5rxLpZeyCDdmX0-db6lR34BWU0vbYcDoJ_UUDA/edit
2) ZT Maturity Model
https://docs.google.com/document/d/1uvO217TmV5xy8kp8em9l0gSSvGFmh5dmupXaTxH72m8/edit
3) CISA Cloud Security Technical Reference Architecture_Version 1
https://docs.google.com/document/d/1o7UvWlA-YfhwOg454r9JMO0CUunur3deAra5-QMHfUU/edit
Thanks and best,
Shamun
------------------------------
Shamun Mahmud
Standards Officer, Sr. Research Analyst
Cloud Security Alliance
WA
------------------------------
Original Message:
Sent: Sep 07, 2021 06:05:47 PM
From: Jason Garbis
Subject: Federal Zero Trust Strategy
Jim, thanks for posting this link - there are actually three Federal Zero Trust documents open for comment starting today
1. The Zero Trust Strategy doc you linked to - https://zerotrust.cyber.gov/federal-zero-trust-strategy/ - open for comment until Sept 21
2. The CISA Zero Trust Maturity Model - which is open for comment until October 1 - Zero Trust Maturity Model
3. The CISA Cloud Security Technical Reference Architecture - also open for commentary until October 1 - Cloud Security Technical Reference Architecture
Given the short timelines on these for commentary, we will be using tomorrow's SDP Zero Trust Working Group session to kick off our plan for coordinating a response from the group.
For those who want to attend, it's Weds Sept 8 at 4pm ET / 1pm PT: https://cloudsecurityalliance.zoom.us/j/96196813975?pwd=cGxDdndDbW5vVU5MZ0hyeHpSbXMydz09
------------------------------
Jason Garbis, CISSP
Co-Chair, SDP Zero Trust Working Group
CPO, Appgate
Original Message:
Sent: Sep 07, 2021 11:43:30 AM
From: Jim Reavis
Subject: Federal Zero Trust Strategy
You can find the draft document here as well as instructions for providing comment, which are due Sept 21. Anyone can comment, but a coordinated comment from CSA will carry more weight.
https://zerotrust.cyber.gov/federal-zero-trust-strategy/
------------------------------
Jim Reavis CCSK
Cloud Security Alliance
Bellingham WA
------------------------------