CISA to Publish Next Version of Zero Trust Implementation Guidance

The Cybersecurity and Infrastructure Security Agency is set to publish the second version of its zero trust security architecture guidance in the coming days.

Speaking at the Advanced Technology Academic Research Center’s Zero Trust Summit, CISA senior cybersecurity architect Sean Connelly shared that the CISA will review government agencies’ zero trust strategies and match them with the upcoming Zero Trust Maturity Model 2.0. He explained that the updated guidance will be on the CISA website on the week of March 27.

The Zero Trust Maturity Model was first released in 2022 to help government agencies deploy the Continuous Diagnostics and Mitigation program and improve network visibility, FedScoop reported.

According to the CISA, the model is one of several paths that government agencies can use to implement zero trust. The guidance highlights five pillars, namely identity, devices, networks, applications and workloads, and data.

The pillars are meant to help agencies develop a zero trust maturation strategy. Most agencies started with the identity and data pillars, the CISA said.

The U.S. government is aggressively pursuing zero trust. Particularly, the Office of Management and Budget required federal agencies to submit their own implementation plans.