The Cloud Security Alliance (CSA) recently published a new “phone book” entitled “Zero Trust Guiding Principles.” Zero trust is an enormous topic, often misunderstood and overcomplicated. The book's goal is to provide a clear understanding to all, from board members to practitioners of what zero trust is and the guiding principles to be remembered when planning, implementing, and operating ZT.
I’ve had the honor of being involved with CSA’s Zero Trust Advancement Center Working Group over the past 12 months and have been impressed with the organization’s attempts to lower the entry bar to zero trust.
When I was on the customer side as the head of enterprise architecture, I started my own little zero trust project. But due to the immaturity of the industry and lack of publicly available resources, it took me a good two years to finally figure out what it was all about, how to strategize the journey, and how it could actually enable the business and increase users' experience.
The new book, Zero Trust Guiding Principles, is the kind of knowledge I wish was available to me back then, as it would have greatly reduced that two-year discovery window. It would also have come in handy to help evangelize the concepts to other teams and extol the reasons for taking on this massive project.
I urge all CXOs and technical leaders to read this book. (It’s only 20 pages!) The practical concepts contained within are suitable for all, from the board members to zero trust practitioners.
If you’re interested in reading, you can download your copy of the book here.