3. 3
Zero Trust
Official CSA Definition
“Zero Trust is a cybersecurity strategy
premised on the idea that no user or asset is
to be implicitly trusted. It assumes that a
breach has already occurred or will occur,
and therefore, a user should not be granted
access to sensitive information by a single
verification done at the enterprise perimeter.
Instead, each user, device, application, and
transaction must be continually verified.”
4. 4
Background: CSA Zero Trust Research Workstreams
The revamped CSA ZT WG consists of nine NSTAC, CISA, and DoD-aligned
workstreams,
each with 2+ co-leads. Workstream Collaboration Links
ZT Research Workstreams Co-Leads
1. Zero Trust as a Philosophy & Guiding Principles
2. Zero Trust Organizational Strategy & Governance
Frank DePaola
Heverin (Joy) Williams
3. Pillar: Identity Shruti Kulkarni
Ryan Gifford (CSA IAM WG)
4. Pillar: Devices Jennifer Minella (JJ)
Josh Woodruff
5. Pillar: Networks/Environment Vinotth Ramalingam
Jerry Chapman
6. Pillar: Applications & Workloads Steve Guilford
Nick Taylor
7. Pillar: Data Shruti Kulkarni
Krishna Narayamaswamy
Alex Kaluza (CSA Data Security)
8. Automation, Orchestration, Visibility & Analytics Lars Ruddigkeit
Narendran Vaideeswaran
9. ZT Architecture, Implementation & Maturity Model Jason Garbis
Chris Steffen