The National Security Agency has issued two new Zero Trust Implementation Guidelines, or ZIGs, to provide organizations with steps and actionable recommendations for the adoption of the cybersecurity framework.
The documents, titled Primer and Discovery Phase, were issued Wednesday as part of a series of reports that the agency intends to release to support efforts to achieve target-level zero trust capabilities.
As the Department of War’s 2027 deadline for compliance looms, find out where agencies are in their zero trust journeys at the Potomac Officers Club’s 2026 Cyber Summit on May 21. The event brings together leaders from across government and industry for insightful panel discussions and networking sessions. Sign up today to secure your spot.
Table of Contents
What Is NSA’s Zero Trust Implementation Guideline?
The ZIG series is an effort to organize the 152 activities in the Department of War’s Zero Trust Strategy. NSA, in partnership with the DOW’s Office of the Chief Information Officer, developed five phases for zero trust implementation, with Discovery and upcoming guidelines titled Phase One and Phase Two are designated as “target level.” Phase Three and Phase Four are “advanced levels.”
The Discovery Phase ZIG covers 14 zero trust activities, while Phase One and Phase Two include 36 and 41 activities, respectively.
According to NSA, the Primer and Discovery Phase documents will provide organizations with information to ensure that they are ready for future implementation guidelines.
Primer discusses how the ZIGs were developed and how it is intended to be used. The NSA said the guidelines are designed to be modular, which will enable organizations to select and implement recommendations based on where they are in their zero trust journeys.
Meanwhile, the Discovery Phase document is intended to enable organizations to establish foundational visibility across their environments and identify critical data, applications, assets and services for zero trust prioritization.
What Other Zero Trust Resources Has NSA Released?
In addition to the ZIG series, the NSA also released seven zero trust framework pillars. The last pillar, published in November 2024, offers guidance on applying automation and orchestration for repetitive, predictable tasks; enhancing critical functions; and coordinating security and incident response.
Related Articles
The Small Business Administration has published a final rule that seeks to modernize the Small Business Investment Company, or SBIC, program to drive private capital investment in critical industries. SBA said Wednesday the final rule, which will take effect Feb. 2, eliminates certain eligibility requirements for SBIC license applications seeking access to the Expedited Subsequent Fund Evaluation Process and reduces regulatory burdens by removing obsolete provisions and improving terms and conditions that help advance SBIC investments. According to the agency, the final rule ensures that the SBIC program remains a strong platform for funding small businesses operating in manufacturing, energy,
Sens. Gary Peters, D-Mich., and Mike Rounds, R-S.D., have proposed a bill that would require the Department of War to develop a cybersecurity workforce strategy. As lawmakers push for a more coordinated Pentagon cyber workforce strategy, collaboration across government and industry remains essential to strengthening national cyber capabilities. The Potomac Officers Club’s 2026 Cyber Summit will bring together leaders shaping the cyber mission across the federal landscape on May 21. Register today to connect with the broader cyber community and stay informed about developments shaping the future of cybersecurity. The Senate Homeland Security and Governmental Affairs Committee said Wednesday the
The University of Arizona has joined a team led by Maryland-headquartered defense technology company Precise Systems to compete for task orders under the Missile Defense Agency’s $151 billion Scalable Homeland Innovative Enterprise Layered Defense, or SHIELD, contract vehicle. The university said Wednesday that its participation in SHIELD, which supports the establishment of the Golden Dome multi-layer missile defense system, aligns with the U of A Office of Research and Partnerships’ national defense focus. Be among the first to learn about opportunities related to the Golden Dome and other technology initiatives at the Department of War by registering for the Potomac