The National Security Agency (NSA) has released Cybersecurity Information Sheet: Embracing a Zero Trust Security Model, which provides information about, and recommendations for, implementing Zero Trust within networks. The Zero Trust security model is a coordinated system management strategy that assumes breaches are inevitable or have already occurred. The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators and organizations review NSA’s guidance to help secure sensitive data, systems, and services. Access the information sheet at NSA.
WaterISAC recently discussed Zero Trust, including for both its Security & Resilience Updates last week. The Tuesday Security & Resilience Update discussed Microsoft’s recommendation that every company adopt the Zero Trust mindset as a lesson from the “Solorigate” incident. And for the Thursday Security & Resilience Update, WaterISAC discussed Zero Trust’s applicability to OT networks.