Zero trust architecture

NIST Names Technology Collaborators for Zero Trust Project

The National Institute of Standards and Technology, through its National Cybersecurity Center of Excellence, has selected a group of technology firms as partners for a Cooperative Research and Development Agreement in line with its zero trust architecture vision. Amazon Web Services, Appgate, Cisco, F5 Networks, FireEye, Forescout, IBM, Ivanti, Lookout, McAfee, Microsoft, Okta, Palo Alto Networks, PC Matic, Radiant Logic, SailPoint Technologies, Symantec, Tenable and Zscaler were all chosen to take part in the NIST’s Implementing a Zero Trust Architecture project.

The project is being advanced in view of the proliferation of cloud computing, mobile device use and the internet of things, which have dissolved traditional network boundaries. It factors in how hardened network perimeters alone are no longer effective in providing enterprise security in a world of increasingly sophisticated threats. Zero trust was described as a design approach to architecting an information technology environment that could reduce an organization’s risk exposure.

The NCCoE initiated the project in collaboration with industry participants to demonstrate several approaches to a zero trust architecture as they are applied to a conventional, general purpose enterprise IT infrastructure. The project is already moving into the design and build phase, Homeland Security Today reported Sunday.

Proponents of the project are expected to examine a combination of commercial and open-source products that leverage cybersecurity standards and recommend practices will showcase the beneficial security features of Zero trust architectures. It is also expected to yield a NIST Cybersecurity Practice Guide, a publicly available description of the practical steps needed to implement the cybersecurity reference designs for zero trust.

Companies participating in this project submitted their capabilities in response to an open call in the Federal Register.