Zero trust architecture has the potential to improve an enterprise’s security posture. There is still considerable uncertainty about the zero trust transformation process, however, as well as how zero trust architecture will ultimately appear in practice. Recent executive orders have accelerated the timeline for zero trust adoption in the federal sector, and many private-sector organizations are following suit. Researchers in the CERT Division at the Carnegie Mellon University Software Engineering Institute (SEI) hosted Zero Trust Industry Days to enable industry stakeholders to share information about implementing zero trust. In this SEI podcast, CERT researchers Matthew Nicolai and Nathaniel Richmond discuss five zero trust best practices identified during the two-day event, explain their significance, and provide commentary and analysis on ways to empower your organization’s zero trust transformation.
Agile Acquisition
An Architecture-Focused Measurement Framework for Managing Technical Debt
Cloud Computing for the Battlefield
U.S. Postal Inspection Service Use of the CERT Resilience Management Model
Insights from the First CERT Resilience Management Model Users Group
NIST Catalog of Security and Privacy Controls, Including Insider Threat
Cisco's Adoption of CERT Secure Coding Standards
How to Become a Cyber Warrior
Considering Security and Privacy in the Move to Electronic Health Records
Measuring Operational Resilience
Why Organizations Need a Secure Domain Name System
Controls for Monitoring the Security of Cloud Services
Building a Malware Analysis Capability
Using the Smart Grid Maturity Model (SGMM)
Integrated, Enterprise-Wide Risk Management: NIST 800-39 and CERT-RMM
Conducting Cyber Exercises at the National Level
Indicators and Controls for Mitigating Insider Threat
How Resilient Is My Organization?
Public-Private Partnerships: Essential for National Cyber Security
Software Assurance: A Master's Level Curriculum
Create your
podcast in
minutes
It is Free