"NSA Releases Recommendations for Maturing Identity, Credential, and Access Management in Zero Trust"
The National Security Agency (NSA) has released a Cybersecurity Information Sheet (CSI) titled "Advancing Zero Trust Maturity throughout the User Pillar" to help system operators in maturing their Identity, Credential, and Access Management (ICAM) capabilities to effectively combat certain cyber threat techniques. Due to immature ICAM capabilities of national security, critical infrastructure, and Defense Industrial Base (DIB) systems, cyberattacks are on the rise. The zero trust model limits access to only what is required and expects that a security breach will occur or has already occurred. NSA is helping Department of Defense (DOD) customers with zero trust framework integration within National Security System (NSS), DOD, and DIB environments. Additional direction will help organize, guide, and simplify the incorporation of zero trust principles and designs into enterprise networks. In order to reach a mature zero trust framework, systems must integrate and harmonize the capabilities associated with seven pillars, including users, devices, data, application/workload, network/environments, visibility and analytics, and automation and orchestration. This article continues to discuss NSA's release of recommendations for maturing ICAM capabilities for zero trust.