Zero Trust

 View Only

Working Group Organization
CSA Support

• ZT Inquiries - [email protected]

• Erik Johnson - [email protected]

• John Yeoh - [email protected]

Research Working Group Co-chairs

• Jerry Chapman

• Jason Garbis

• Chris Steffen

Structure

The CSA Zero Trust Working Group has the following nine work streams:
 1.  Zero Trust as a Philosophy & Guiding Principles
 2.  Zero Trust Organizational Strategy & Governance
 3.  Pillar: Identity
 4.  Pillar: Device
 5.  Pillar: Network/Environment
 6.  Pillar: Applications & Workload
 7.  Pillar: Data
 8.  Automation, orchestration, visibility & analytics
 9.  Zero Trust Architecture, Implementation & Maturity Model

Expressions of interest in working group and specific workstream participation can be registered here or by sending an email to [email protected].


#ZeroTrust

Latest Discussion Posts

  • https://cloudsecurityalliance.zoom.us/rec/share/3Pak1nHIU0_SV6sUxmY7JzWBACbmNUs15KWrrLqisHw9duigYsULf8exs_6A0q9X.9dF6ha1bhkSFroF2 Passcode: ZTimplement101! Our senior subject matter expert advisor and the founder of Zero Trust has graciously offered ...

    3 people like this.
  • https://cloudsecurityalliance.zoom.us/rec/share/ykDarTQpSaqGllMRINOiVvjGrwlWaDaP7Gnp7j-0rxEmfkVdNXKYUxUalIKQKFQQ.9XnIvDQ8o9o9GhNV?startTime=1671039231000 Passcode: DataPillar7! Our senior subject matter expert advisor and the founder of Zero Trust ...

    2 people like this.
  • Jeremy Rennicks >> I do believe that "never trust always verify" is a marketing term from Palo Alto Networks and not part of the actual Zero Trust Model as defined by Gartner. this is incorrect. this is the root principle as defined by the father ...

  • Gartner defined the principles well, Zero Trust is a model and not a solution. There isn't a magic button solution, its a series of controls just like Defense in Depth. I already know what system architecture is: System architecture refers to the ...

    1 person likes this.
  • Jeremy Rennicks >> I believe this paradox is based on a flawed understanding of the Zero-Trust Model actually not. it seems as if, the same as many others, you confuse several things in your response: "principle" vs "solution" "trust ...

    1 person likes this.

Latest Shared Files

Announcements

  • CISA Zero Trust Maturity Model 2.0 expected in coming days

    The Cybersecurity and Infrastructure Security Agency will publish the second version of its Zero Trust Maturity Model in the coming days.

    “So just to get everyone prepared in the next week or so we should have the second version of the Maturity Model. It’s not on the website yet today as we’d expected, but it should be next week,” said CISA Senior Cybersecurity Architect Sean Connelly. Connelly was speaking at during the 2023 ATARC Zero Trust Summit in Washington on Thursday.

    The latest version of the guidance is expected to update key definitions and metrics for the governmentwide adoption of zero-trust security architectures.

  • New Zero Trust Training: Key Features & Technologies of Software-Defined Perimeter

    The Cloud Security Alliance is excited to release Key Features & Technologies of Software-Defined Perimeter, the third course in our online Zero Trust Training (ZTT) program. This new course will provide learners with an in-depth look at the key features and technologies of SDP for securing today's and tomorrow's IT infrastructureswhether they are on-premises, in the cloud, a hybrid of the two, or a case with multiple cloud service providers.

    Learners will be introduced to the principles of Least Privilege and Need to Know, policy-based authorization and access controls, and the similarities and differences between SDP and SDN.

    This course is a great fit for users in any of the following roles:

    • C-Suite (CEO, CTO, CISO, CIO)
    • Managers and Decision Makers
    • Cybersecurity Analysts
    • Security Engineers and Architects
    • Enterprise Architects
    • Security Administrators
    • Compliance Managers
    • Systems Engineers
    • Developers

    The ZTT program covers eight areas of Zero Trust knowledge and will be rolled out in a series of six courses available on CSA’s Knowledge Center. To learn more about CSA’s Zero Trust Training program, download the ZTT overview and get started

    Special offer for CSA Members!

    Through December 31, CSA corporate members receive 50% off the ZTT bundle on the Knowledge Center, which includes six online ZTT courses and one exam token. Fill out this form to claim 50% off the ZTT bundle or learn how you can create a custom ZTT package for your team that meets the unique needs of your organization.

  • CSA Zero Trust Research - 12/20 Full Working Group Meeting Materials

    A Zoom meeting has been scheduled for 3PM ET Tuesday 12/20 and at the same time the third Tuesday of every month thereafter. Meetings will be recorded for subsequent viewing.

    Full details and link to a downloadable ICS file are available at the link below.

    The monthly Zeru Trust full working group meeting (spanning all 9 workstreams) was held today.  Deck and recording links follow.  New workgroup and workstream meetings will be scheduled and new invitations sent out shortly for the new year, generally keeping with established schedules and cadence as applicable.

    Materials from the 12/20 meeting:
    Deck: ZT Full WG Meeting 12-20-2022.pptx
    Recording: https://cloudsecurityalliance.zoom.us/rec/share/oupdxT65a5VQr_YTeNGq3AVQggn0nOsJSGeonf8iTAV33VZVoemWBFIfScfiyZiP._5uGhmAaXEhQgqsK

    - Passcode: KeepZTsimple2023!

Upcoming Events


Current Members
1003 Members
community Admin
community Leadership
community Admin
community Leadership
community Leadership
community Leadership