NSA Recommends Using Zero Trust Principles to Strengthen Internal Network Control

The National Security Agency has released “Advancing Zero Trust Maturity Throughout the Network and Environment Pillar,” a Cybersecurity Information Sheet that provides recommendations on how to use zero trust principles to strengthen internal network control and contain network intrusions.

According to the CSI, the network and environment pillar, one of the pillars that compose the zero trust framework, helps in isolating critical resources from authorized access by defining network access and controlling data flows, the NSA said.

Rob Joyce, the NSA’s cybersecurity director and a past Wash100 awardee, said the recent CSI provides organizations with the processes needed to resist, detect and address threats that exploit weaknesses in their network enterprise.

Among the recommendations are proper segmentation of the network at both the macro and micro levels and mapping of data flows based on usage patterns and operational business requirements.

The NSA has been working to ensure that the United States is safe from cyberattacks. In October 2023, it issued guidance on how federal agencies can protect their systems’ devices by equipping them with more effective solutions.