CISA updates zero trust maturity guidance

SecurityWeek reports that the Cybersecurity and Infrastructure Security Agency has unveiled the updated Zero Trust Maturity Model version 2.0, which includes a roadmap helping facilitate zero trust implementations across five pillars, including identity, devices, networks, applications and workloads, and data. CISA has also detailed the maturity model's four stages, namely traditional, initial, advanced, and optimal, which should be integrated with visibility and analytics, automation and orchestration, and governance capabilities. Organizations looking to achieve identity maturity should shift to multi-factor authentication and enable real-time identity risk discovery, while those seeking device maturity should ensure continuous device compliance and comprehensive asset tracking. On the other hand, extensive micro-segmentation and traffic encryption are needed for network maturity, while continuous access authorization and real-time risk analytics are necessary for application maturity. Meanwhile, continuous data inventory and automated data categorization are essential in achieving data maturity. "As agencies transition towards optimal zero trust implementations, associated solutions increasingly rely upon automated processes and systems that more fully integrate across pillars and more dynamically enforce policy decisions. Each pillar can progress at its own pace and may progress more quickly than others until cross-pillar coordination is required," said CISA.