NIST Issues Draft Guidance on Zero-Trust Architecture Implementation

Jeff Brody

The National Institute of Standards and Technology has released draft guidelines for implementing a “zero-trust” architecture for government networks in line with existing cybersecurity requirements. Zero-trust architecture is mostly focused on data protection but can also be applied to functionalities at an enterprise level.

According to NIST, ZTA can support agencies’ information technology modernization operations including cloud migration and continuous diagnostics and mitigation. A ZTA-based enterprise environment also warrants constant risk assessments as though hostile elements are already in place within a network.

“Organizations need to implement effective information security and resiliency practices for zero trust to be effective,” the document stated. “When complemented with existing cybersecurity policies and guidance, identity and access management, continuous monitoring, and general cybersecurity, ZTA can reinforce an organization’s security posture using a managed risk approach and protect against common threats.”

NIST will accept feedback on the guidelines through Nov. 22.

You may also be interested in...

Anthony Iasso

Anthony Iasso Named Xator CTO; CEO David Scott Quoted

The Xator Corporation announced on Friday that Anthony Iasso has been appointed the company’s new chief technology officer. Xator CEO David Scott elaborated that Iasso would take advantage of Xator’s key investments in the company’s acquisitions and tech capabilities to further propel its solution offerings for its customers.