Zero Trust Architecture (ZTA) Expert Group

ZTT Expert Group Action Points 9/13

  • 1.  ZTT Expert Group Action Points 9/13

    Posted Sep 19, 2022 04:11:00 PM

    Hello all,

    Thank you for the thoughtful discussion yesterday. The meeting minutes have been updated and can be found here: https://drive.google.com/drive/folders/1fc9g7vUEuDA3qLDLk-0xoH12e_ZHRkA8 

    The recording for this meeting and future meetings can be found in the Library of the ZTT SME Circle group, along with the agendas/meeting minutes, and other relevant ZTT artifacts, such as the charter. The Circle group is invite-only, so if you do not have access to this group, please let us know ASAP and we can get that resolved. 

    All Modules for the ZT Training as well as the ZTT Glossary can be found here: https://drive.google.com/drive/folders/1RRq8MTFh19NCxw8bf5FH8Qito31mEC3F?usp=sharing

    Note: Please read modules 1-5 to get a good concept of the ZT/SDP training.

    ZT/SDP Resources Folderhttps://drive.google.com/drive/folders/10MWGbKutdSLYcCkC1IAMSJVO6apBXp4R?usp=sharing

    Module 5, ZT Planning, has new text/arrangement. All, please review and provide feedback. 

    As a reminder, the Training team's goal is to have this module, Zero Trust Planning, ready for CSA's internal review by mid-September. 

    Action Points:

    1. Assigned to all, please review Module 5 and provide comments/feedback by 9/20. 

      1. Link:https://docs.google.com/document/d/1d244goX54tGXbp22At_YPNEHn4kGLILQhTHE6g3Z0hA/edit?usp=sharing

    2. Course Introduction/Structure/Learning Objectives/Key Takeaways 

      1. As a reminder to all, these sections will be developed internally after M5 has been drafted properly 

    3. 5.2 Planning Considerations

      1. We are still considering the CISA Maturity Model text in this section. All, please add any suggestions by 9/20

      1. 5.2.4 Supply Chain Resilience 

        1. Sanjeev please review this text by 9/20

      2. 5.2.8 Compliance 

        1. Robert M. please review this section and provide feedback on the new text by 9/20

    4. 5.3 Scope & Priority

      1. Shruti please contribute to this section by 9/20

        1. As discussed in meeting, please consider Use Case Example's placement thereafter 

    5. 5.4 Gap Analysis 

      1. CSA Internal Team to reach out to Alex S. and confirm who will author this section

    6. 5.5 Define the Protect Surface & the Attack Surface 

      1. Michael R please review this section written by Shruti by 9/20

    7. 5.6 Document Transaction Flows

      1. This section has been written by Mark S; Chandler will incorporate this text by EOD 9/14 for expert review by 9/20

    8. 5.7 Define the Zero Trust Policies

      1. Prasad, please continue flushing out this section with the following in mind by 9/20

        1. The current feedback from Daniele 

        2. Is any material in this section outside the scope of this module?

     
    Thank you all for your time and effort,


    ------------------------------
    Chandler Curran
    Training Project Administrator
    Cloud Security Alliance
    ------------------------------