Hi All,
NSA just published Advancing Zero Trust Maturity Throughout the User Pillar
According to the 2020 Verizon Data Breach Investigations Report, "at least two-thirds of cyberattacks are now focused on impersonating trusted users and systems to access vital data or critical systems." [1] Such cyber incidents are on the rise, creating economic disruption and impacting national security.T
his cybersecurity information sheet (CSI) provides recommendations for maturing identity, credential and access management (ICAM) capabilities to effectively mitigate such cyberattacks. It further discusses how these capabilities integrate into a comprehensive Zero Trust (ZT) framework, as described in "Embracing a Zero Trust Security Model". [2] National Security System owners and operators should take concrete steps to mature identity and access security controls and the operational practices related to establishing digital identities and authenticating and authorizing users to access critical resources. Doing so will provide system owners and operators the ability to identify, resist, and respond to many cyber intrusion techniques.
@Daniele Catteddu
@Anna Schorr
@Chandler Curran
@Erik Johnson
------------------------------
Michael Roza CPA, CISA, CIA, CC, MBA, Exec MBA
------------------------------