Whether you are new to information security, or you’re a long-time practitioner, it seems that “zero trust” is the latest initiative at the top of everyone’s priority list.
This is a positive move in the InfoSec world, as many components of the zero trust approach have been implemented individually for many years but lacked overall unity as part of a holistic plan. It’s encouraging that these security drivers are now collated into a formal document.
Special Publication 800-207, created by the National Institute of Standards and Technology (NIST) offers guidance for instituting a zero trust architecture. The document outlines the basic tenets that form the foundation of zero trust. For some organizations, however, the tenets of NIST 800-207 seem overwhelming.
This guide is designed to make these tenets more tangible — to ground them in practical application, enabling your organization to take small, yet action-orientated steps towards achieving this important goal.