NIST Finalizes Guidance for Zero-Trust Architecture Implementation

NIST Finalizes Guidance for Zero-Trust Architecture Implementation
Cybersecurity Risk Prevention

The National Institute of Standards and Technology (NIST) has released a publication to help agencies establish and implement a zero-trust architecture (ZTA) for their networks and systems.

The ZTA guidance highlights the core components of the architecture that work to transition cyber defenses from wide network perimeters to assets, resources and users.

NIST noted that the guidance also includes an abstract definition for ZTA as well as use cases and deployment models designed to help fortify the security posture of information technology systems.

“Zero trust focuses on protecting resources (assets, services, workflows, network accounts, etc.), not network segments, as the network location is no longer seen as the prime component to the security posture of the resource,” according to the agency.

“ZTA strategies are already present in current federal cybersecurity policies and programs, though the document includes a gap analysis of areas where more research and standardization are needed to aid agencies in developing and implementing ZTA strategies.”

Check Also

FireEye

FireEye to Provide Cybersecurity Defenses to Texas DIR; Pat Sheridan Quoted

FireEye, Inc. has announced that it will offer cyber security defenses to Texas public sector agencies, under Texas Department of Information Resources (DIR), the company reported on Thursday. Through the end of 2020, FireEye security products and Mandiant Solutions services will be available to all Texas agencies, county governments, cities and school districts through DIR’s Bulk Purchase Initiative for Endpoint Detection and Response (EDR) solutions.