The Cybersecurity and Infrastructure Security Agency (CISA) is taking a strategic step forward by integrating its various zero trust security initiatives under one roof, according to Sean Connelly, CISA’s senior cybersecurity architect and trusted internet connections program manager, last Thursday at CyberScoop’s Zero Trust Summit.
Connelly has been instrumental in shaping the agency’s zero trust policies. His insights, shared during an interview with MeriTalk in December and at the Zscaler Public Sector Summit in March 2023, highlight the agency’s commitment to evolving the TIC program office into a dedicated zero trust entity. The newly established CISA’s Zero Trust Initiative, which has been in the works for a while according to his statements at the March 2023 Summit, aims to centralize the agency’s guidance and support for Federal agencies transitioning to zero trust security architectures, while also broadening the scope of zero trust adoption across the broader IT landscape.
The CISA Zero Trust Initiative will concentrate on several key objectives:
- Expanding Zero Trust Training: By offering comprehensive training opportunities, the initiative seeks to equip Federal agency personnel with the knowledge and skills necessary to navigate the complexities of zero trust architectures.
- Issuing Zero Trust Guidance and Playbooks: Building upon existing frameworks such as the Zero Trust Maturity Model (ZTMM) and Trusted Internet Connections (TIC) 3.0 guidance, the initiative will release further documentation to assist agencies in their zero trust journeys.
- Fostering Community and Collaboration: Through the formation of working groups and partnerships with Federal entities and the IT community, the initiative aims to encourage dialogue, share best practices, and drive collective progress towards zero trust adoption.
- Assessing Implementation Progress: The initiative will also develop methodologies for organizations to evaluate their advancement in applying zero trust principles, ensuring a clear path towards achieving security objectives.
This unified approach under the CISA Zero Trust Initiative not only streamlines the agency’s efforts but also sets a precedent for Federal agencies and the IT community at large to follow suit. By concentrating on training, guidance, community building, and progress assessment, CISA is poised to lead a comprehensive shift towards a more secure, zero trust-based cybersecurity framework.
How Can Netizen Help?
Netizen ensures that security gets built-in and not bolted-on. Providing advanced solutions to protect critical IT infrastructure such as the popular “CISO-as-a-Service” wherein companies can leverage the expertise of executive-level cybersecurity professionals without having to bear the cost of employing them full time.
We also offer compliance support, vulnerability assessments, penetration testing, and more security-related services for businesses of any size and type.
Additionally, Netizen offers an automated and affordable assessment tool that continuously scans systems, websites, applications, and networks to uncover issues. Vulnerability data is then securely analyzed and presented through an easy-to-interpret dashboard to yield actionable risk and compliance information for audiences ranging from IT professionals to executive managers.
Netizen is an ISO 27001:2013 (Information Security Management), ISO 9001:2015, and CMMI V 2.0 Level 3 certified company. We are a proud Service-Disabled Veteran-Owned Small Business that is recognized by the U.S. Department of Labor for hiring and retention of military veterans.
Questions or concerns? Feel free to reach out to us any time –
https://www.netizen.net/contact
