"CISA Releases Updated Zero Trust Maturity Model"

The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) has published the second version of the Zero Trust Maturity Model. This version incorporates recommendations from a public comment period and advances the federal government's commitment to a zero trust approach to cybersecurity in support of the National Cybersecurity Strategy. Although the Zero Trust Maturity Model is intended primarily for federal agencies, all organizations are encouraged to consider it and take steps to accelerate their progress toward a zero trust model. Zero trust is a method in which access to data, networks, and infrastructure is limited to what is minimally required, and the validity of that access is constantly verified. Understanding that organizations begin their path toward zero trust architectures differently, the Zero Trust Maturity Model update includes a new maturity stage dubbed "Initial" that can be used as a guide to determine maturity for each pillar. In all four stages of maturity (Traditional, Initial, Advanced, and Optimal), CISA has added several new functions and updated existing functions for organizations to consider when planning and making decisions regarding the implementation of zero trust architecture. This article continues to discuss CISA's release of the updated Zero Trust Maturity Model.

CISA reports "CISA Releases Updated Zero Trust Maturity Model"