NSA Issues Cybersecurity Information Sheet About Using Zero Trust to Protect ICAM Systems

The National Security Agency has released a new cybersecurity information sheet to mitigate cyber threats faced by identity, credential and access management capabilities through zero trust.

The Advancing Zero Trust Maturity Throughout the User Pillar CSI defines capability and maturity levels for ICAM systems and highlights the role that zero trust would play in protecting them. The NSA noted that a mature zero trust framework comprises seven elements: users, devices, data, applications, networks, visibility and analytics.

The new CSI focuses on how users could use zero trust to strengthen identity protections, the NSA said Tuesday.

According to Kevin Bingham, the zero trust lead official at the NSA, the CSI includes recommendations that will help operators improve protection measures and limit potential damages to ICAM systems.

Zero trust is a cybersecurity framework that calls for the continuous authentication and validation of all users, even those already within an organization’s network, before they are given access to information or applications.

In 2020, the National Institute of Standards and Technology created Special Publication 800-207 to inform government organizations about what zero trust architecture is and to provide deployment models and use cases where zero trust would be beneficial.