Top Threats

  • 1.  NSA Advancing Zero Trust Maturity Throughout the User Pillar

    Posted Mar 14, 2023 01:36:00 PM

    Hi All,

    NSA just published Advancing Zero Trust Maturity Throughout the User Pillar

    According to the 2020 Verizon Data Breach Investigations Report, "at least two-thirds of cyberattacks are now focused on impersonating trusted users and systems to access vital data or critical systems." [1] Such cyber incidents are on the rise, creating economic disruption and impacting national security.T

    his cybersecurity information sheet (CSI) provides recommendations for maturing identity, credential and access management (ICAM) capabilities to effectively mitigate such cyberattacks. It further discusses how these capabilities integrate into a comprehensive Zero Trust (ZT) framework, as described in "Embracing a Zero Trust Security Model". [2] National Security System owners and operators should take concrete steps to mature identity and access security controls and the operational practices related to establishing digital identities and authenticating and authorizing users to access critical resources. Doing so will provide system owners and operators the ability to identify, resist, and respond to many cyber intrusion techniques.

    @Daniele Catteddu 

    @Anna Schorr 

    @Chandler Curran 

    @Erik Johnson 



    ------------------------------
    Michael Roza CPA, CISA, CIA, CC, MBA, Exec MBA
    ------------------------------


  • 2.  RE: NSA Advancing Zero Trust Maturity Throughout the User Pillar

    Posted Mar 15, 2023 12:17:00 PM

    Thanks for sharing, Michael. I have added this to the ZT Expert Group agenda announcements. 



    ------------------------------
    Anna Campbell Schorr
    Training Program Manager
    Cloud Security Alliance
    [email protected]
    ------------------------------