Zero Trust

NSA Advancing Zero Trust Maturity Throughout the Network and Environment Pillar

    Posted Mar 06, 2024 12:27:00 PM

    Hi All,

    The NSA just published Advancing Zero Trust Maturity Throughout the Network and Environment Pillar.

    After gaining access to an organization's network, one of the most common techniques malicious cyber actors use is lateral movement through the network, gaining access to more sensitive data and critical systems. The Zero Trust network and environment pillar curtails adversarial lateral movement by employing controls and capabilities to logically and physically segment, isolate, and control access (on-premises and off-premises) through granular policy restrictions.  The network and environment pillar works in concert with the other Zero Trust pillars as part of a holistic Zero Trust security model that assumes adversary breaches occur inside the network, and so limits, verifies, and monitors activities throughout the network. The concepts introduced in this cybersecurity information sheet provide guidance on enhancing existing network security controls to limit the potential impact of a compromise through data flow mapping, macro and micro segmentation, and software defined networking. These capabilities enable host isolation, network segmentation, enforcement of encryption, and enterprise visibility. As organizations mature their internal network control, they greatly improve their defense-in-depth posture and, consequently, can better contain, detect, and isolate network intrusions. 

    @Erik Johnson

    @Vinotth Ramalingam



    ------------------------------
    Michael Roza CPA, CISA, CIA, CC, MBA, Exec MBA, CSA Research Fe
    ------------------------------