Achieving Optimal Zero Trust Maturity: The




            Role of Data and Governance

            By Carolyn Duby, Chief Technology Officer, Cloudera Government Solutions


            The federal  government  has placed  a stronger  emphasis  on zero trust since  OMB’s federal  zero trust
            strategy  memo  from the  beginning  of 2022,  requiring  agencies  to have  a security  model in place  that
            assumes every device, application, or user attempting to access a network cannot be trusted.

            Most recently, the Cybersecurity  and Infrastructure  Security Agency (CISA) issued a second version of
            its Zero Trust Maturity Model (ZTMM 2.0), which provides  a roadmap to guide agencies  to a zero trust
            model by 2024. The ZTMM is a combination of five pillars: identity, devices, networks, applications and
            workloads, and data. It also addresses four levels of maturity, providing useful information for agencies
            regardless of their location on the zero trust journey (traditional, initial, advanced, optimal).

            With  the  impending  deadline,  the  Department  of  Defense  is feeling  the  pressure  and  making  strides
            toward implementing the ZTMM to reach the “optimal” stage of maturity. DOD’s approach to a zero trust
            strategy will equip the Department  with the guidelines  to instill the “never trust, always verify” mindset,
            along  with  a map  of how  to implement  the  zero  trust  strategy  across  all  components  of the  agency,
            including capabilities, technologies, solutions, and processes.





            Cyber Defense eMagazine – August 2023 Edition                                                                                                                                                                                                               32
            Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.